on 12-01-2006 9:18 AM
Hello,
I have read this about sharing a MI Client between several users:
"If the applications on the mobile device require data protection or non-repudiation (for example, for time recording), the device should only be used by one user."
<b>Source</b>: http://help.sap.com/saphelp_nw04/helpdata/en/f4/b7863f445f4617e10000000a114084/frameset.htm
As far as I know, IBM DB2e supports data encryption and sharing a device should not be a big problem but since I read the quote above I am a little concerned.
Any help would be appreciated.
Thanks in advance.
Hi Lgnacio,
Yes what you said is correct.
DB2e is the data base used in MI client.
There is no such Restriction that only one user have to use one mobile(with MI application in it)
MI supports multiple users using one device in fact same mobile...
Take an example scenario......
USER1 will loginto his mobile with his username and password and work in the morning...
Now its turn of USER2 to use the same mobile(device) in night shift..he logs in with his username and password
User1 may get different application from USER2....its the administrators job to assign applications based on username(based on roles)
So according to me its not at all a problem to use the same device by multiple users..may be we need to take some care while using it...
Hope this is helpful.
Cheers,
Karthick
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Ignacio,
<Is not enough with DB2e encryption?>
DB2e is used in MI client as database..it should be enough for encryption.
<Can USER1 "steal" some USER2 data?>
Here there are two scenarios :
SCENARIO: 1
1) USER1 logsinto mobile X with his username and password..he will be able to see application which is assigned to him(this application cannot be viewed by USER2)
2) USER2 logsinto mobile X with his username and password..he will be able to view and work on the application which was assigned to him(this application cannot be viewd by USER1)
This scenario is valid when USER1 and USER2 uses different applications in one Device(Mobile)
Scenario: 2
1) USER1 and USER2 may use the same application in same Device in shifts(Morning Shift & Night Shift)...then the users should take care of the data as both use the same data...
But by administrator we can keep track of the USERS who are login or logout...
Generally the main advantage of MI is using the device with multiple users..(We can create multiple users by using on edevice)
Hope this is useful
Cheers,
Karthick
Hi Ignacio,
Please, note that not all Mobile applications use DB2. Some of them, e.g. Mobile Travel Expenses and Time Sheets use another supported option, File I/O.
Data from those applications is exported / imported into .DAT files and User1 can steal data of User2, if (s)he has access to some utilities and the latter one didn't clear the files (via Reset Application) before logging from application off.
Best regards,
Laziz
Hi Ignacio,
Adding to the above points...Yes DB2e is not only data base used in client side but also FileI/O can be used, DB2e is mostly used as Data base in Client side.
Coming to stealing data of others...it is only possible when USER2 has access to view applications of USER1...in that case USER1 when logs off should reset the client i.e press the reset client button in <b>settings</b> ..which will reset all the data in client...so when USER2 logs in and try to access USER1 data he cannot see any data as the data has been reset...
When USER1 logs in again he can sync(Sync password will be different for both users) the client to get all the data downloaded to client and start working....
This all depends,if USERS have access to view others Applications...this are security things can be taken care by administrators.....
If this is not clear and if you need more explanation kindly revert back.
Cheers,
Karthick
hello ignacio, karthick,
the scenario 2 is invalid if taken as it is.
>Scenario: 2
>1) USER1 and USER2 may use the same application in same Device in shifts
>(Morning Shift & Night Shift)...then the users should take care of the data as both
>use the same data...
take note that there is a conversation ID concept in MI. this conversation IDs assigned
to a deployed applications to different users are unique. thus the same application
deployed to different users will have a different conversation IDs. device users will
only be able to work with the same set of data ONLY if the application explicitly
allow that by using the SHARED visibility. generally however, data will be stored
in the SEPARATE stores and data access to other application data is not allowed.
to protect your data, there are several mechanisms that you can employ and data
encryption is the most commonly used one. as mentioned DB2e has a support for
encryption. another way is to implement your own encryption on the application
level. i.e. encrypting the data when saving or setting it to the field, and decrypting
them when accessed. there's a performance tradeoff though...
regards
jo
hello karthick,
yes, they are related. conversationID is generated by the middleware using infos
such as user and application. i think there are 3 factors (user, app and mobile id).
thus, the conversationID will be unique for every application assigned to every
devices and users...
hope this helps.
jo
hello ignacio,
if your application uses the SEPARATED data visibility and DB2e with encryption
enabled, i think is would suffice. however, if the encryption is not unique per user
it would still be very easy to swap data between conversation ids most esp for fileio. (this requires a deep understanding of the underlying layer though... )
just my 2 cents
jo
User | Count |
---|---|
90 | |
10 | |
10 | |
10 | |
7 | |
7 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.