Presentation is loading. Please wait.

Presentation is loading. Please wait.

Data Sources Create a connection definition in Cognos Step 2: Create a Cognos Account on Each Data Source Step 1: Import Metadata Step 3: Publish Package.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Data Sources Create a connection definition in Cognos Step 2: Create a Cognos Account on Each Data Source Step 1: Import Metadata Step 3: Publish Package."— Presentation transcript:

1 Data Sources Create a connection definition in Cognos Step 2: Create a Cognos Account on Each Data Source Step 1: Import Metadata Step 3: Publish Package Step 4: Report Author Create Report from Package Step 5: Report Consumer Consumer Runs Report Step 7: Framework Manager Developer Publish the Report Step 6: Cognos S ECURITY S S S S S S S

2 Returning…

3 Create a Cognos Logon  The Cognos logon can be given as much or as little access as needed.  The access given to this logon completely controls what can be provided through Cognos. The access can be sub-divided based upon user and role, but cannot be expanded.  It is possible to work with existing logons.  It is possible to work with multiple logons, each granted access to part of the data; each logon would go through the following steps; can create access duplication and problem-solving difficulties Return

4 Create a Connection with Cognos ReportNet  Creating a connection is done by a Cognos administrator. (Brian and Clif for now)  The connection uses the logon/password defined for Cognos.  The Cognos administrators are the only people who know the logon/password. No users interact directly with this logon.  The administrator will then grant permission for this connection to an approved person or group to do the metadata for the data. Note: The connection could be defined to require the user to enter a login/password. However, each subsequent step may then get a different result based on the logon supplied. Return

5 Import Metadata into Framework Manager  Done by a Cognos data modeler (25 licenses available)  Uses the named connection created within Cognos  The developer does not need the logon/password or connect string in order to use the connection.  Cognos lists all of the tables/views/synonyms available to the logon/password, and the developer chooses which definitions to bring in.  Cognos has the ability to import table relationships, if they are defined in the database.  Packages are defined by grouping tables together. In DSS this corresponds to star-join models. Return

6 Publish Datamodel Packages  Done by a Cognos data modeler (25 licenses available)  Packages are saved to the Cognos server and access is granted to approved report author / consumer roles Return

7 Create Reports from Datamodels  A Report Author is defined as someone who has been given a license to run Report Studio and Query Studio (200 licenses)  A Report Author creates a report based on the datamodel packages published from Framework Manager  A Report Author is shown only packages they are granted access to  The Author needs to be aware of column-based and row-based security that is embedded in the datamodel  The Author first tests the report, and then saves the report in a defined folder so that the QA process can be conducted Return

8 Cognos Account Security  When the Cognos account is created, the tables and files it has access to should include all of the tables needed by your data consumers  As an example, on the data warehouse (DSS), the Cognos account has complete access to Student, Financial and Employee data  Users are granted access to a subset of the data available to the account, and Cognos does not show other data  For instance, a user with the role DSS_Financial_Complete sees only packages and reports granted to that group Return

9 Connection Definition Security  A connection to the data source is created using the Cognos account.  Based on a data modeler’s access permissions, they will be shown only the data sources they have been granted access to  If a data modeler has not been granted access to access a particular data source, the data source will not be shown and cannot be chosen by the user.  The connection information (username and password) is encrypted using MD5 and stored on the Cognos application server, which is protected by an F5 firewall router. Connections to the Cognos server are restricted to a select number of fixed IP addresses. Return

10 Framework Manager Table Security  Tables can have column or row-based restrictions defined  For instance, the Employee table has Object Security defined for fields restricted from “general” access; these fields are allowed only for “complete” roles. The table is allowed for both “complete” and “general” users, but “general” users see only part of the fields and get an error if they try to run a report which includes restricted fields  The Account Balance table has a Security Filter applied. “Complete” and “general” users see all the columns, but “general” users see fewer rows, based on the rows allowed by the security filter Return

11 Package Security  A package is an individual or set of data models that a report author can use to create reports.  When a data modeler publishes a package, access to that data is granted to author and report viewer roles  Column and row security can be specified within the tables based on a user’s role. Return

12 Report Authoring Security  Report author sees only data they have been granted access to via roles they have been assigned to  Report author must also be granted role to use an authoring tool (QueryStudio or ReportStudio) Return

13 Report Security  When a report is published, a hyperlink is created on the Cognos portal, in the defined folder structure, with default roles assigned to the folder  If a user is granted permission to run a report, this hyperlink is visible.  If a user is not granted permission to run a report, the hyperlink is not visible. Even if the user is sent the hyperlink, the user will get an error when they attempt run the report  Administration of this access can be done centrally, or it can be distributed to the security administrators for a particular area. For example, Cheri Rawles has been given access to publish reports for Financial and Employee DSS data, and to give data access to those users who have been authorized by the data stewards. Return

14 Report Viewing Security  Reports are run using a standard web browser  The system will only accept requests using the Secured Sockets Layer (SSL) protocol, which encrypts all of the data during transmission  The report viewer user can only run reports they have been granted access to, as Cognos shows only these reports in the web portal  The report viewer user will get an error if they try to run a report they were granted access to, if the report contains data they are not granted access to  The report viewer cannot see or determine a report’s data source, the data connection used, or the logon / password used to access the data, except as that information is documented in metadata descriptions of the report Return

15 Next

16 Return

17 Data Sources Create a connection definition in Cognos Step 2: Create a Cognos Account on Each Data Source Step 1: Import Metadata Step 3: Publish Package Step 4: Report Author Create Report from Package Step 5: Report Consumer Consumer Runs Report Step 7: Framework Manager Developer Publish the Report Step 6: Cognos S ECURITY S S S S S S S

Download ppt "Data Sources Create a connection definition in Cognos Step 2: Create a Cognos Account on Each Data Source Step 1: Import Metadata Step 3: Publish Package."

Similar presentations

Creating a Login Process Creating a users table and a login form that denies access to unauthorized users.

Creating a Login Process Creating a users table and a login form that denies access to unauthorized users.
Microsoft Excel 2003 Illustrated Complete Excel Files and Incorporating Web Information Sharing.

Microsoft Excel 2003 Illustrated Complete Excel Files and Incorporating Web Information Sharing.
15.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 15: Configuring a Windows.

15.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 15: Configuring a Windows.
Selecting a Business Intelligence Standard for Higher Education Mid Atlantic Educause Conference Baltimore, Maryland Baltimore, Maryland January 10, 2006.

Selecting a Business Intelligence Standard for Higher Education Mid Atlantic Educause Conference Baltimore, Maryland Baltimore, Maryland January 10, 2006.
CPSC 203 Introduction to Computers Tutorial 59 & 64 By Jie (Jeff) Gao.

CPSC 203 Introduction to Computers Tutorial 59 & 64 By Jie (Jeff) Gao.
1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.

1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.
Design Aspects. User Type the URL address on the cell phone or web browser Not required to login.

Design Aspects. User Type the URL address on the cell phone or web browser Not required to login.
Report Distribution Report Distribution in PeopleTools 8.4 Doug Ostler & Eric Knapp 7264.

Report Distribution Report Distribution in PeopleTools 8.4 Doug Ostler & Eric Knapp 7264.
ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Title Slide without Picture Subtitle Presenter’s Name Presenter’s Title Organization,

Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Title Slide without Picture Subtitle Presenter’s Name Presenter’s Title Organization,
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
Session 11: Security with ASP.NET

Session 11: Security with ASP.NET
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.
SMART Agency Tipsheet Staff List This document focuses on setting up and maintaining program staff. Total Pages: 14 Staff Profile Staff Address Staff Assignment.

SMART Agency Tipsheet Staff List This document focuses on setting up and maintaining program staff. Total Pages: 14 Staff Profile Staff Address Staff Assignment.
Classroom User Training June 29, 2005 Presented by:

Classroom User Training June 29, 2005 Presented by:
C Copyright © 2009, Oracle. All rights reserved. Appendix C: Service-Oriented Architectures.

C Copyright © 2009, Oracle. All rights reserved. Appendix C: Service-Oriented Architectures.
Hands-On Microsoft Windows Server 2008

Hands-On Microsoft Windows Server 2008
Module 8 Configuring and Securing SharePoint Services and Service Applications.

Module 8 Configuring and Securing SharePoint Services and Service Applications.
By Lecturer / Aisha Dawood 1.  Administering Users  Create and manage database user accounts.  Create and manage roles.  Grant and revoke privileges.

By Lecturer / Aisha Dawood 1.  Administering Users  Create and manage database user accounts.  Create and manage roles.  Grant and revoke privileges.

Similar presentations

Ads by Google