Securing Analysis Services
The process of securing Microsoft SQL Server 2005 Analysis Services (SSAS) occurs at multiple levels. You must secure each instance of Analysis Services and its data sources to make sure that only authorized users have read or read/write permissions to selected cubes, dimensions, cells, mining models, and data sources, and to prevent unauthorized users from maliciously compromising sensitive business information. The process of securing an instance of Analysis Services is described in the following steps.
Configuring the Logon Account for Analysis Services
Securing an Analysis Services Instance
Configuring Access to Analysis Services
First, it is important to understand the security architecture of an instance of Analysis Services, including how Analysis Services uses Microsoft Windows Authentication to authenticate user access.
For More Information: Security Architecture
You must select an appropriate logon account for Analysis Services and specify the permissions for this account. You must make sure that the Analysis Services logon account has only those permissions that are necessary to perform necessary tasks, including appropriate permissions to the underlying data sources.
For More Information: Configuring the Logon Account for Analysis Services
Next you must secure the Analysis Services computer, the Windows operating system on the Analysis Services computer, Analysis Services itself, and the data sources that Analysis Services uses.
For More Information: Securing an Analysis Services Instance
As you set up and define authorized users for an instance of Analysis Services, you need to determine which users should also have permission to administer specific database objects, permission to view the definition of specified objects, or permission to access data sources directly.
For More Information: Configuring Access to Analysis Services