Access Control and Security

DartStream offers comprehensive access control and security features to protect applications and user data. Both the open-source and SaaS versions provide robust security measures, ensuring applications remain secure and compliant with industry standards.

Both the open-source and SaaS versions of DartStream include foundational access control and security features, allowing developers to implement essential security practices:

1. Role-Based Access Control (RBAC)

   • Enables the definition of user roles with specific permissions, ensuring users can only access features appropriate to their role.

   • Helps maintain a structured and secure access hierarchy within the application.

2. OAuth2 Integration

   • Supports basic OAuth2 login for third-party providers like Google and GitHub.

   • Simplifies the authentication process by leveraging trusted external providers.

3. Data Encryption

   • Provides basic tools for encrypting sensitive data, ensuring information is stored and transmitted securely.

   • Protects user data from unauthorized access and breaches.

The SaaS version of DartStream enhances access control and security with advanced features tailored for enterprise needs:

1. Single Sign-On (SSO)

   • Integrates with enterprise identity providers such as SAML, Okta, and Azure AD for seamless single sign-on experiences.

   • Streamlines user access across multiple applications with a single set of credentials.

2. Advanced Permissions Management

   • Offers fine-grained access controls, allowing detailed specification of permissions for different user roles and groups.

   • Enhances security by ensuring users have the exact access level needed for their responsibilities.

3. Audit Trail

   • Maintains detailed logs of user activities and system events for security and compliance purposes.

   • Provides visibility into user actions and system changes to help detect and respond to security incidents.

4. Data Masking

   • Masks sensitive data to prevent unauthorized access while allowing legitimate users to perform necessary operations.

   • Ensures secure handling of data in compliance with privacy regulations.