Module 3

User Management

SC-STC-001
Security Center 5.9.0.0
Security model
SECURITY MODEL

Security Model

Security Center manages (internal) security through 3 entities:

User/User Group privileges define

Users what the users can do.
View playback? Control PTZ? Export video
User groups clips? Unlock doors? Change cardholders’
rights?

Partition Access rights define which

Partitions entities users can see/access
Camera-A? Door-B? Alarm-C?
Users
USERS

User Properties

Password expiry?
User priority level?
Access rights to partitions?
Privileges?
Logon hours?
Default tasks?
Remote control?
 USERS

User privileges

User privileges define what

applications can be used,
which tasks can be opened
and what can be done
within those tasks
USERS

Unconfigured users

A newly created user has no

privileges by default.
If the user wasn’t created
using a privileges template
and that user does not
belong to any user group, all
privileges are undefined.
USERS

Remote control

Remote control of a another user’s

Security Desk → Monitoring task

Required user privilege for remote control:

User groups
USER GROUPS

User groups

A user group’s members can be users, or other user groups

Group privileges (allowed/denied) are inherited by group members
All user configurations are available at the group level except:
• Password settings
• Logon schedules These user properties can be shared with other
users by using the Copy Config Tool
• Security Desk default tasks
• Hot actions
USER GROUPS

Resolving conflicting privileges

As users can belong to multiple groups, and groups can contain sub-groups, sometimes privileges
may conflict.
So, which takes priority, the user privilege or the group privilege?
Answer: Neither.
Deny overrides allow, and allow overrides undefined

Deny

Allow

Undefined
USER GROUPS

Conflicting privileges

User Sam is a member of 3 user groups at the same time:

Privilege: Print/export reports

New
Operators Supervisors
employees
Group Group
Group
Undefined Denied Allowed

Result: Denied (a “Deny” anywhere will always take priority)

What if Sam’s individual profile is configured to “Allow”? Result:
DENIED (a “Deny” anywhere will always take priority)
Partitions
PARTITIONS

Users & partitions

Access rights Access rights

to Partition A to Partition B

Partition A Partition B

Access rights to both

Partitions A and B
PARTITIONS

Partitions - example

Imagine that Security Center is installed in a 4 floor office building. There are 4 different companies in this
office building. A partition is created for each company so that users will only be able to see and manage the
cameras and doors within their own partition.
PARTITIONS

Viewing partition hierarchies

User management
task showing users
and user-groups
Area view task showing
areas, doors and cameras

F4 – Toggles partition view.

Now we can see
Partitions → Areas → Doors →
F4 – Toggles partition view. Cameras
Now we can see in a hierarchical tree
Partitions → User groups → Users
in a hierarchical tree
Privilege
troubleshooter
PRIVILEGE TROUBLE SHOOTER

Entity
PRIVILEGE TROUBLESHOOTER

User
PRIVILEGE TROUBLESHOOTER

Privilege
Thank you

© Genetec Inc., 2020. Genetec, Genetec Clearance, Omnicast, Synergis, AutoVu, Federation, Stratocast, Sipelia, Citywise, the Genetec Logo, the Mobius Strip Logo, the Genetec Clearance Logo, the
Omnicast Logo, the Synergis Logo, the AutoVu Logo, and the Stratocast Logo are trademarks of Genetec Inc., and may be registered or pending registration
in several jurisdictions. Other trademarks used in this document may be trademarks of the manufacturers or vendors of the res pective products.