Define Security Classes
A security officer can create one or more security libraries. Typically each security library will have its own group of security officers. As an example, Rights in Data is typically managed by Contracts or Contracts Data Management, while security of intellectual properties is managed by Legal or Contracts or some combination of the two organizations.
Each security library can have one or more security classes. Unless an individual happens to be a security officer of more than one security class, the individual is not necessarily be aware of or have access to other security classes.
Security Rules and the Rules Engine
IP Export Control Management includes a robust rules engine according to expected rule types to allow product security officers to modify or define new rules and apply them to security classes as needed. Security rules can be reused in multiple security classes. Rule types include:
- Citizenship
- Country-of-birth
- Organization
- Physical Location
- Skill
Security Class Attributes
Each security class type has a set of security class attributes. The security officers are able to add, modify, and even delete applicable security class attributes as appropriate and desired. The security officers should not delete the security class attribute group that is assigned by default nor remove the attribute, Process Access Classification, from the security class attributes as that will lead to a loss of protection of IP security assets.