General Concepts
Overview
The Mileposts security framework consists of a variety of security features to prevent unauthorized access to student information. The security framework includes highly granular authentication and authorization mechanisms.
Authentication
The Mileposts system uses forms based authentication that uniquely identifies a user and the domain that they are accessing. The system uses SSL so there is no chance of clear text passwords passing over the wire. The users passwords are stored in the database as hashed values which prevents any chance of others gaining access to someone's password. The system has a configurable password complexity system to guarantee passwords that are not easily guessed. Once authenticated, the users authorizations are determined and these authorizations are what is used to grant access to various parts of the system and to student information.
Authorization
The authorization framework determines what an authenticated user has access to. The Mileposts authorization framework uses various rules to authorize access to various parts of the system as well as access to student information. The system uses the following concepts.
Scope: Scope is the concept of defining what a user has access to. For example, the system uses class scope to determine what classes a user has access to and student scope to determine what students a user has access to.
Securables: Securables describe the resources or data that a user has access to and the type of access that is granted to a user. For example, the securable STUDENT_PROFILE grants access to student profile information along with specific access levels such as View, Update and Delete. The authorization managers will of course require scope to the student together with the proper securables.
Permissions: Permissions can be granted to users or groups of users. The Mileposts system generally uses permissions to control access to functional area of the system. For example, the permission USER_SETUP will grant the user the ability to create and manage user accounts.
Controlling Access to Student Data
Access to student data is generally a two part check as illustrated below.
Related Articles
Security Groups
Security Groups are used to group staff together that have the same security access/needs. This helpful and saves time by creating a group and adding all the people to that group rather than adding all the security or access to each individual staff ...Security (Complete Guide)
The security section is used for granting permissions and access to different tools or tasks in Mileposts Security Groups Groups A table of current Security Groups Add new Group General Tab Name Name of Security Group Public Key This will be auto ...Groups and Security
Overview Mileposts groups are a quick and very intuitive way to manage permissions for groups of users. Mileposts Security Groups have a set of authorizations associated with them. Any user assigned to a group will inherit that set of authorizations. ...Custom Class Lists & General Notes Tool
This webinar will guide you through the process of creating custom class lists in Mileposts. You will also be able to see the various ways to add notes to student e-files. Distance Learning Support- Mileposts
EdPower is dedicated to supporting educators with Distance Learning. We have put together a few ways that we believe you can utilize the EdHub app whether teaching in person, in a hybrid model or remotely. Student Educational Support Assessment ...