Hierarchical Multi-User Environment
Large AggreGate installations are operated by many people, including system administrators, operators, analysts digging through data and preparing reports, etc. In such a complex environment it's extremely important to ensure security and restrict access to important data.
AggreGate Server may have an unlimited number of user accounts. System resources are usually owned by the user who creates them. User permissions are configured by editing a permissions table defining that user's access level to every system resource. This lets administrators implement complex security schemes which actually reflect the user's role in the organization. Some examples:
- Allowing one user to access/view/modify devices and resources (alerts, reports...) that belong to another user.
- Allowing one user (team leader) to modify permissions of some other users (team members).
- Restricting a user's access to his own devices and resources, e.g. enabling read-only access to devices or reports.
- Temporarily suspending a user's account by revoking all permissions.
Each record in the permissions table may define a user's access level for one resource, several resources, or even a subtree of dependent resources, allowing batch configuration.
Configurable user permissions also make life simpler for operators by letting them view only the resources that are relevant to their job. For example, the following permission schema is often used for a Time and Attendance control system:
- System administrator has full permissions.
- Company executives have access to reports.
- HR staff may view/configure employee profiles and custom shifts.
- Security personnel are allowed to view real-time entry/exit events and event history.
- IT engineers may edit report templates, create new reports, browse event history and modify employee database.
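A minimal model of such a permissions table, added here as an illustration and not AggreGate's own code or API. The resource paths, level names and the rule "most specific record wins, no match means no access" are assumptions.

```python
from dataclasses import dataclass

LEVELS = ["none", "read", "write", "admin"]  # assumed level names, weakest first

@dataclass(frozen=True)
class Record:
    resource: str          # dot-separated resource path (assumed naming)
    level: str
    subtree: bool = False  # True: also covers all dependent resources below

    def matches(self, path: str) -> bool:
        # The "." boundary keeps "ta.events" from matching "ta.events_archive".
        return path == self.resource or (
            self.subtree and path.startswith(self.resource + "."))

def effective_level(table, path):
    """Assumed rule: most specific matching record wins; no match = no access."""
    hits = [r for r in table if r.matches(path)]
    if not hits:
        return "none"
    # Deeper paths are more specific; an exact record beats a subtree record.
    return max(hits, key=lambda r: (r.resource.count("."), not r.subtree)).level

def allowed(table, path, needed):
    return LEVELS.index(effective_level(table, path)) >= LEVELS.index(needed)

# Constructed tables following the Time and Attendance schema above.
TABLES = {
    "admin":    [Record("ta", "admin", subtree=True)],
    "exec":     [Record("ta.reports", "read", subtree=True)],
    "hr":       [Record("ta.employees", "write", subtree=True),
                 Record("ta.shifts", "write", subtree=True)],
    "security": [Record("ta.events", "read", subtree=True)],
    # Owner restricted to read-only on his own devices, write elsewhere.
    "bob":      [Record("users.bob", "write", subtree=True),
                 Record("users.bob.devices", "read", subtree=True)],
    "suspended": [],  # all permissions revoked
}

if __name__ == "__main__":
    for user, path, need in [("security", "ta.events.door1", "read"),
                             ("security", "ta.employees.jsmith", "read"),
                             ("bob", "users.bob.devices.meter1", "write"),
                             ("suspended", "ta.reports.monthly", "read")]:
        print(user, path, need, allowed(TABLES[user], path, need))
```

Because an empty table resolves to no access, suspending an account in this model is just clearing its records, and a narrower record under a broader subtree grant is how read-only access to one's own devices is expressed.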
Every user account has a set of preferences, such as time zone, date/time format and preferred language.
User Self-Registration
User self-registration is very helpful during the first stages of system deployment. System users may create their own accounts and provide some personal information (name, e-mail, company/department, phone no., etc.). Once registered, they get their own login/password pair.
Self-registration can save the administrator a lot of time during initial deployment. Once installation is over and the system enters production mode, self-registration should be disabled for the sake of security.