Overview of Data Warehouse Security

  • Article

The Data Warehouse is accessed for the following tasks:

  • Importing data from the Web server log file and Commerce Server runtime databases.
  • Running reports from Business Desk.
  • Building Prediction and Segment models.
  • Working with the Segment Viewer module in Business Desk.

You must secure your site so these tasks can be performed without risk to your databases. Following is an overview of the steps you must perform and the tools you use to secure your site for these tasks:

  • Importing data. Commerce Server includes security scripts for each of the Commerce Server databases that the Data Transformation Services (DTS) tasks must access.

    You run the appropriate script against the Commerce Server runtime databases and the Administration database. The security scripts create a DTS_ImportRole on each database and assign the appropriate access permissions to the role.

    For information about the DTS task security scripts, see Scripts for Securing Databases Accessed by DTS Tasks.

  • Running reports. Commerce Server includes the ReportViewer and ReportAdvanced security scripts that you run against the Data Warehouse SQL Server database.

    These scripts create two roles on the Data Warehouse database, and assign to the roles the appropriate access permissions on the Data Warehouse:

    • The ReportViewer role has permissions for Business Desk users who run and view reports.
    • The ReportAdvanced role has permissions for Business Desk users who create, delete, and modify reports.

    After you create these two roles, you assign the Business Desk user account to the roles. The roles enable Business Desk users to work with reports without damaging your database.

    For information about running these scripts, see Scripts for Securing Databases Accessed by Reports.

  • Building Prediction and Segment models. Grant the appropriate permissions to the Predictor service to access the Data Warehouse. Follow the steps in Securing a Predictor Deployment.

  • Working with the Segment Viewer module in Business Desk. Run the SegmentViewer script to create a role on the Data Warehouse database. This role has the appropriate permissions required for users to work with the Segment Viewer module. For more information, see Running the SegmentViewer Script to Secure Prediction Tables.

See Also

Data Warehouse Components Requiring Security

Permissions Required to Export Static Reports and Segments to List Manager

Copyright © 2005 Microsoft Corporation.
All rights reserved.