User Manual
Management platform
Access and security
16
212 | 353 CM110664en_07
Licensing ensures the operation of the system within the agreed system limits.
Only the system is allowed to change license data.
If a license becomes temporarily unavailable (e.g., due to network connection
issues) the system continues to run fully operational for a grace period. The
system continues to check for the license and shuts down at the end of the
grace period, if none of the license checks succeed.
Exceeding the limits of the license (e.g., by integrating more field system data
points than stated in the license) puts the system into courtesy mode. Phases
of courtesy mode accumulate until a total duration of 30 days is exceeded, then
the server shuts down. Unless new licenses are made available, after a manual
restart the system again goes into courtesy-mode exceeding and shut down.
Any unauthorized attempt to modify system license data directly in the
database (e.g., changing the remaining time of a specific license mode) shuts
down the system.
16.3 Access and security
User privileges can be assigned to users and to workstations, allowing users to
be granted the same access from everywhere or different access depending
where they're logged on. The user interface displays only elements, such as
menus, buttons, list items, tree nodes, where the user has at least read access.
Access privileges can be assigned to resources/groups, such as workstations,
features, applications, system objects, system object properties and logical
groups of these resources.
User access rights in Desigo CC are determined by four main factors:
● The system must know the user (authentication).
● The user must be assigned to a user group.
● The user must have the appropriate application rights.
● The user must have the appropriate scope rights.
If all of these conditions are met, the user can log on to Desigo CC, and
read/write objects and execute tasks, depending on the assigned rights.
See
Desigo CC Engineering Manual
(A6V10415473).
Scope is the general term for specific object access in Desigo CC. A scope
segments and implements certain rules for the user role in the project. A user
only sees the area of the building assigned to him, e.g., pumps, receives only
alarms from this area in the event of an emergency and can only acknowledge
those alarms. If an emergency occurs in an area that is not in the scope of this
user, e.g., ventilators, the user does not receive an alarm about this event.
In general, communication channels are non-encrypted due to performance
reasons. Exceptions are communication channels for file transfer using web
and video transfer. Sensitive data (passwords during authentication or user
management configuration) is transferred as encrypted message content.
Wireless input devices (especially keyboards) use radio transmission that is
often not or inadequately cryptographically protected. Even from greater
distances, it is possible to listen in or even plant external data in the system.
We recommend that you do not use wireless input devices. If you must use
wireless input devices, use only devices with proven encryption.
Which ports are used depends on the actual deployment and subsystem
integration of the whole system.
See
Desigo CC System Description
(A6V10415500).
16.4 Event management
Desigo CC lets you quickly, easily, and accurately respond to any event.
License Manager
User management
User authorization
Scopes
Communication security
Communication ports
and protocols