Functional model for authentication, ownership, access governance, data isolation, permission inheritance, and contextual authorization.

Functional purpose
Security and Governance ensures that every action within Horus occurs under clear rules of identity, ownership, permissions, and visibility. This domain protects the independence of each instance and controls how resources are shared between users.
Operating value
The security model allows operations to be shared without exposing more information or control than needed. Each environment keeps its isolation, each resource has ownership, and each user operates according to permissions defined by role, group, calendar, or context.
Included capabilities
| Capability | Explanation |
|---|---|
| Secure user authentication | Verifies each person's identity before allowing access to the platform or to a Horus instance. |
| Environment ownership | Defines who is primarily responsible for an instance and who can administer it or delegate access. |
| Access governance | Establishes rules to create, modify, limit, or revoke permissions over functions, devices, and views. |
| Isolated data domains | Keeps each instance's information separate to protect privacy, operation, and administrative control. |
| Permission inheritance | Allows certain access rights to derive from roles, groups, or relationships defined inside the environment. |
| Secure sharing model | Enables resources to be shared with other users without granting full control or exposing unauthorized information. |
| Controlled visibility | Determines which data, devices, events, or dashboards each user can see according to their permissions. |
| Contextual authorization | Evaluates access considering role, group, instance, time, requested resource, and active rules. |

Relationship with the Horus ecosystem
Security and Governance cuts across the whole platform. It determines who can administer users, see devices, execute scenarios, receive notifications, configure dashboards, or delegate permissions inside an instance.
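
The sketch below is an added example, not Horus code. It shows how the capabilities in the table could combine into one deny-by-default decision: instance isolation, inheritance from roles and groups, view-only sharing, and a time window. Every class, field, and function name is hypothetical, and the owner-has-full-control rule is an assumption.

```python
from dataclasses import dataclass, field
from datetime import time

# Hypothetical model: none of these names are Horus identifiers.
@dataclass(frozen=True)
class Grant:
    instance: str            # a grant is only valid inside this instance
    resource: str            # e.g. "device:cam-1"
    actions: frozenset       # {"view"} alone models a share without control
    start: time = time.min   # daily window in which the grant is active
    end: time = time.max

@dataclass
class User:
    name: str
    roles: dict = field(default_factory=dict)    # instance name -> role names
    groups: dict = field(default_factory=dict)   # instance name -> group names
    grants: list = field(default_factory=list)   # resources shared directly

@dataclass
class Instance:
    name: str
    owner: str
    role_grants: dict = field(default_factory=dict)   # role -> [Grant]
    group_grants: dict = field(default_factory=dict)  # group -> [Grant]

def effective_grants(user, inst):
    """Direct grants plus those inherited via roles and groups in this instance."""
    out = list(user.grants)
    for role in user.roles.get(inst.name, ()):
        out += inst.role_grants.get(role, [])
    for group in user.groups.get(inst.name, ()):
        out += inst.group_grants.get(group, [])
    return out

def is_allowed(user, inst, resource, action, now):
    """Deny by default; allow only on a matching, in-instance, in-window grant."""
    if user.name == inst.owner:
        return True  # assumption: the owner administers the whole instance
    return any(
        g.instance == inst.name and g.resource == resource
        and action in g.actions and g.start <= now <= g.end
        for g in effective_grants(user, inst)
    )

def visible_resources(user, inst, resources, now):
    """Controlled visibility: return only what the user may view right now."""
    return [r for r in resources if is_allowed(user, inst, r, "view", now)]
```

Because every grant is checked against the instance being accessed, a resource shared in one instance never authorizes anything in another, and a view-only share never implies configuration rights.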