Reporting Services Security Model
Reporting Services uses a role-based security model to control access to reports, folders, and other items that are managed by a report server. The model maps a specific user or group to a role, and the role describes how that user or group is to access a given report or item. The security model consists of the following components:
- A user or a group account that can be authenticated by Windows security or another authentication mechanism.
- Role definitions that define a set of actions or operations. Examples of role definitions include System Administrator, Content Manager, and Publisher.
- Securable items for which you want to control access. Examples of securable items include folders, reports, and resources.
The combination of all these elements is characterized as a role assignment. In Reporting Services, role assignments provide the security context for items and the report server itself.
Reporting Services provides an authorization model, but it does not include an authentication component. In order for authorization to work, the underlying network security must be able to authenticate the users and groups who access the report server. In this release, authentication is performed by the Windows operating system. You can also use custom authentication if you create a security extension to support it. For more information, see Implementing a Security Extension.
If you have already worked with an application that uses role-based security, you may be familiar with these basic concepts. If you are not familiar with role-based security, or if you want to find out how the Reporting Services implementation compares with other models, see Understanding Role-Based Security.
The following table describes the topics in this section.
|Understanding Role-Based Security||Introduces roles and contrasts Reporting Services role-based security with the security models of other products.|
|Securable Items||Describes items that you can secure.|
|Role Assignments||Describes the elements of a role assignment.|
|Role Definitions||Describes the elements of a role definition.|
|Tasks and Permissions||Introduces the basic components of report server security.|
|Minimum Security and Security Lockout||Describes the minimum level of security that you must have and explains how system lockouts are prevented.|