The FactoryTalk® Services Platform provides centralized security services, fully integrated into FactoryTalk Directory, and managed by a software service called FactoryTalk Security. The FactoryTalk Security architecture is similar to Microsoft Windows and provides many of the same capabilities, plus additional features customized specifically for the needs of automation systems. FactoryTalk Security improves automation security by controlling user access to applications and devices and provides user authentication and authorization.
FactoryTalk Security authenticates the identities of users and authorizes user requests to access a FactoryTalk system against a set of defined user accounts and access permissions held in the FactoryTalk Directory. FactoryTalk Security provides the following features:
- Authentication verifies a user's identity and credentials and verifies that a request for service originates with that user.
- Authorization verifies a user's request to access a software product, feature, or system resource against a set of defined access permissions.
- Centralized access control and centralized management of system-wide policies
- Integration with Windows security to create Windows-linked accounts that are managed and authenticated by Windows, but have separate permissions for accessing the automation system.
- Integration with Windows domains; however a Windows domain is not required.
- Single sign-on support so you can log on to a FactoryTalk-enabled system once.
- Security information is cached locally, security checks continue to operate without interruption, even when client computers are disconnected from the FactoryTalk Directory
FactoryTalk Security provides centralized authentication and access control by verifying the identity of each user who attempts to access the automation system, and then either grants or denies each user's request to perform particular actions on features and resources within the system.