8.2.7   Security Summary

Web browser Clients are limited to which displays they can view, based on user-type. WebAccess User types restrict access to the Project Manager, Graphics and Tags.User types restrict access to displays through a Web Browser, not to ViewDAQ. Area and Level security applies to all users.

 

WebAccess
Component

User Type

Admin

Project
User

User
Manager

Power
User

General
User

Restricted
User

Project Manager

Yes

Yes

Passwords Only

No

No

No

Add/Change Passwords & Users

Yes

 

Yes

 

Yes

 

No

No

No

DRAW

Yes

Yes

No

No

No

No

VIEW (log in)

Yes

No

No

Yes

Yes

Yes

View System Displays:
Alarm Log, Action Log, Station Status, User Program, Script Status, (VIEW)

Yes

No

No

Yes

No

No

Alarm Summary and Alarm Groups

Yes

No

No

Yes

Yes

No

View All User Displays (VIEW)

Yes

No

No

Yes

Yes

Only assigned displays

Recipe Display (VIEW)

Yes

No

No

Yes

Yes

No

Video

Yes

No

No

Yes

Yes

Yes

Point Detail and Block Detail

Yes

No

No

Yes

Yes

Yes

Overview and Faceplate Displays (VIEW)

Yes

No

No

Yes

Yes

No

Trends (VIEW)

Yes

No

No

Yes

Yes

No

Point Info and Point GOTO Dialog Boxes

Yes

No

No

Yes

Yes

No

Acknowledge Alarms (VIEW)

Yes

No

No

Yes

Yes

Only if enabled on assigned display

Change Tag Value

Yes - All

If Area & Security Level matches tag’s

No

If Area & Security Level matches tag’s

If Area & Security Level matches tag’s

Only if enabled on assigned display AND Area & Security Level matches tag’s

Scheduler (VIEW)

Yes

Thru Project Manager

No

Yes

No

No

Reports (VIEW)

Yes

Thru Project Manager

No

Yes

No

No

System Log and ODBC Logs (VIEW)

Yes

Thru Project Manager

No

Yes

No

No

DrawDAQ

Yes

Yes

No

Yes

Yes

Yes

ViewDAQ  - All Displays: System, Alarm, Recipes, Trends, and User Built

Yes

Yes

No

Yes

Yes

Yes

ViewDAQ - Acknowledge Alarms

Yes

Yes

No

Yes

Yes

Yes

ViewDAQ Change Tag Value

Yes - ALL

If tag’s Area =0  & Security Level =0

No

If Area & Security Level matches tag’s

If Area & Security Level matches tag’s

If Area & Security Level matches tag’s

ViewDAQ – Scheduler, Reports, ODBC Logs

Yes

Yes

No

Yes

Yes

Yes

Using the local ViewDAQ on the SCADA node (i.e. the WebAccess icon on the taskbar) all users can access all displays and tags and use the graphics builder including the Graphic Download feature.  All project configuration is done through a Web Browser; only the Administrator or Project Users can configure the Database.

If a Web-browser user tries to change the value of a Tag without correct security Level or Area, a Popup Dialog box will prompt for User Name and Password, similar to local ViewDAQ.  The difference is that this does not Login the new user name.  This enables a "one shot" opportunity to change the selected tag.  After the tag is changed, the Area or Level and user login reverts to the original user.

There is one Administrator account: admin.  The administrator can configure database, build graphics through web browser and view any graphic in VIEW (run-time).  The Administrator account applies to all SCADA nodes and all projects.  Additional Users with "Administrator" capabilities can be configured by a combination of "Project User" and "Power User".

DrawDAQ is available only on the Project node (or a standalone system that has both Project and SCADA node software installed).  Any local user can use DrawDAQ.

ViewDAQ is available only on the SCADA node (or a standalone system that has both Project and SCADA node software installed).  Any local user can use ViewDAQ to view any graphic.  Area & Level restricts which tags the user can change in ViewDAQ.