Routes is a two-tier client/server system. The client application, henceforth referred to as Routes Client, is installed on the computer of each user entered in the system. The server is a database server, either Microsoft SQL Server 2000 or MSDE. User access to the system is enabled if that user is authenticated and authorized to do so. Data storage and management in a central location provides a number of benefits:
- all users in the system work on the same dataset;
- business and security rules are defined only once at server level and are enforced simultaneously for each user account in the system;
- a relational engine-based server streamlines network traffic by delivering only the required data to the client;
- hardware costs may be scaled down, since data is not stored in each client. Clients do not need storage space, client computers do not require data processing capabilities, and server operation does not deduct from the processing efficiency required for displaying data;
- maintenance, backup and restore processes boil down to a minimum, since they occur at server level.
User authentication is name and password based, required when logging in. User accounts are created, edited and deleted by a user with special privileges in the system: the Routes system administrator. Each user is associated with a set of user rights.
Users are authorized when they log in; this process relies on checking the user-specific access rights and loading only those components that the access rights involve. Users are also authorized during the user work session, by permanent checks run on user rights at the level of each system component (at server and client level alike).
Since much of the data handled by the Routes system is classified, the system monitors and records all operations that a user performs. The most significant information available by monitoring data access is:
-
the name of the user who performed the operation;
-
the operation performed;
-
date and time when the operation was performed.
