InterSystems Ideas


Status In Progress
Categories InterSystems IRIS
Created by Stella Ticker
Created on Dec 6, 2024

Role-Based Access Control for Data and Features

InterSystems IRIS currently supports role-based access control (RBAC) through the use of resources and roles. However, this functionality is not consistently implemented across all features. In some cases, access is granted based on a hardcoded %All role. This means that access to certain resources or data is granted only if a user is assigned the %All role, which is all-powerful and provides unrestricted access. This undermines the principle of least privilege, as users may be granted access to more resources than they need, potentially exposing sensitive data or functionality.

Additionally, there are instances where resource and role assignment mechanisms do not work as intended, which compromises the effectiveness of RBAC. In an era where security threats are increasingly sophisticated and data privacy regulations like HIPAA and GDPR are paramount, ensuring that access controls are strictly role-based is more important than ever.

The rise of health APIs and other sensitive data exchanges further underscores the need for fine-grained RBAC. As healthcare, financial, and other regulated industries handle more interconnected data, it is essential that only authorized personnel have access to specific resources or information.

Enhancing InterSystems IRIS to ensure all access is strictly role-based, with no exceptions for hardcoded permissions like %All, would help ensure better compliance with security principles and regulations, offering administrators full control over user access while adhering to the principle of least privilege.
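The two check styles the idea contrasts, written out in ObjectScript as an added illustration (not code from the original idea or from InterSystems). The class name, the method names and the "Demo_Reports" resource are assumed; the resource must already exist (created in the Management Portal or via Security.Resources in %SYS) for the least-privilege variant to be grantable.

```objectscript
Class Demo.RBAC.ReportService
{

/// Anti-pattern the idea describes: the feature is gated on the %All role itself.
/// $Roles is a comma-separated string, so it is split before searching.
/// An administrator cannot grant this feature to anyone without also
/// handing out unrestricted access.
ClassMethod CanViewReportsHardcoded() As %Boolean
{
    Quit ($ListFind($ListFromString($Roles, ","), "%All") > 0)
}

/// Least-privilege form: gate on a dedicated resource (assumed name "Demo_Reports").
/// Administrators grant USE on that resource to exactly the roles that need it.
/// %All still passes, because it implicitly holds every resource, but it is
/// no longer the only way in.
ClassMethod CanViewReports() As %Boolean
{
    Quit $SYSTEM.Security.Check("Demo_Reports", "USE")
}

/// Entry point: deny with a %Status error rather than silently returning data,
/// so callers (and audit/log consumers) see an explicit authorization failure.
ClassMethod GetReport(id As %String, Output report As %String) As %Status
{
    Set report = ""
    If '..CanViewReports() {
        Quit $$$ERROR($$$GeneralError, "Insufficient privilege: USE on Demo_Reports required")
    }
    Set report = "report-"_id   // constructed placeholder payload
    Quit $$$OK
}

}
```

With the resource-based check, a user who holds a role granting only Demo_Reports:USE can call GetReport, while the hardcoded variant admits nobody short of %All.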

ADMIN RESPONSE
Apr 22, 2025

Thank you for submitting the idea. The status has been changed to "Planned or In Progress".

This is not a commitment; plans are subject to change. Stay tuned!