Kdb+ Server User Permissions

A commercial module is available from timestored to implement user security ontop of kdb+. qStudio provides the interface shown below for configuring user access permissions.

Overview

User Permissions allows placing users into groups and restricting groups access to q variables and system calls.

  • All users belong to a group
  • Groups have a type that dictates their access level
  • Groups can also have white-lists and black-lists to permit or deny them access to any q variable.
  • If a user is in multiple groups, their action is permitted if it would be permitted by any group.
User Administration Groups Screen

Group Types

  • Super-Users - Have no restrictions
  • Power-Users - Permitted access all entities except those specified in black list.
  • Users - NOT permitted access to any entities other than those in white list.