Yellowfin Evaluation Guide

Yellowfin is used for both enterprise analytics and embedded analytics use cases and for building bespoke analytical applications. Use this guide to ensure Yellowfin is the right technical fit for your requirements.

  1. Evaluation Guide
  2. Security
  3. Security Model

Security Model

  • In this section

    Updated 15 June 2020
  • User/UX Security

    This section refers to the level of access a user has within the Yellowfin application, relating to what they can do and what data they can see once inside of the application.

    Functional Security

    How are user roles assigned to users?

    In Yellowfin, a user’s role controls their access to functionality within the application, such as whether a user is allowed to create reports, or if they are limited to a read-only capacity. User roles are created in the Yellowfin Administration Console and can be highly customized to suit your specific needs, with over 100 unique permissions. Yellowfin provides 5 pre-built roles, ranging from a read-only Consumer to fully privileged System Admin <screenshot of role edit page, with one broad category expanded>

    Can I create custom roles within the application?

    Yes – Yellowfin has pre-bundled roles but you can also create your own, and assign any combination of system functions to that role.

    Can I programatically update a user’s role in Yellowfin based on a role change in my app?

    Roles and other user attributes can be modified programmatically via Yellowfin’s administration webservices. Synchronising user attributes and security access is an integral step of a standard SSO implementation.

    Further Reading:

    Learn more about Role management here 

    Content Security

    How is access to content managed? How configurable is content access in Yellowfin?Content in

    Yellowfin is organized and secured by being placed into a structure of Content Folders. These folders tend to either delineate content by business unit (finance, sales, etc) or modularize the content by experience (broad organizational reports vs day-to-day management reports). Additionally, all individual content can layer its own unique permissioning on top of these folders, enabling the construction of highly complex and granular user experiences.

    A user is assigned access to content folders and content items either individually, or based on their current role permissions or user group memberships. Once done, they can access the content stored in that folder unless that content has been marked private and assigned on an individual basis. <see below>

    Can we group users for shared experiences?

    In most businesses, access to information is not controlled on a person by person basis but rather is based on that person’s role within the organization. As covered above, a user’s access to functionality can be grouped based on User Roles. To apply this to content folders and other features such as collaboration, we can additionally employ a feature called “User Groups” that allow us to provide access to content and collaboration features to entire teams.

    For more complex use-cases, it is possible to assign both user roles and other user groups access to a specific user group.

    Further Reading:

    Learn more about content folder security here 

    Data Security

    How is security handled at the data layer? Can I restrict users access to data at a row or cell level?

    Data security in Yellowfin is primarily implemented at the metadata layer, and typically consists of a combination of several different components:

    • Access Filters – Access filters limit the dataset at the row-level by adding mandatory filters based on what user is viewing the report. Access filters are created by first defining a user/row-level-value mapping <data source access filter menu>, and then associating that mapping with the appropriate column in the metadata layer <view access filters>
    • Data Source Substitution – DS Sub is a multi-tenancy functionality paired with client organisations that allows you to switch what datasource a report is running against, based on what organisation the user is in at the time that report is run. Use this feature if you currently separate client data by databases with shared schemas, but only want to create one report
    • Column Level security – Each column in Yellowfin can be secured individually allowing you to prevent sensitive information from being queried in an ad-hoc report creation capacity.

    Can I inherit database permissions?

    What database tables the user is allowed to see at the metadata layer is based on the permissions of the authenticated user in the underlying datasource connection. This allows you to create distinct data sources with unique access to the underlying data, as well as employ more advanced approaches such as pass-through authentication.

    Automating Security Administration

    Each step of the user security experience can be automated using the Administration Web Services, from creation of users and roles, to the delegation of content access, to minute-by-minute updates to row level security.

    This is typically done in the context of an SSO synchronization process.

  • Application Security

    3rd Party Identity Management Systems

    How does Yellowfin authenticate System & Service Interfaces using Web Services, REST Services & APIs?

    Yellowfin can use external Identity Providers for authenticating users.. Yellowfin natively supports authentication via LDAP enabled providers. Yellowfin also provides a pre-built SAML bridge that can interface with SAML enabled Identity Providers.
    Custom authentication adapters can be written to bridge custom or proprietary authentication systems with Yellowfin using a suite of SSO and user provisioning web services.

    Further reading:

    Read more about the SAML Bridge here

    Read more about Single Sign-on here

    Data Security

    Does data ever come to rest in Yellowfin?

    Yellowfin will store data in memory temporarily whilst reports and dashboards are being viewed. Other options, which are not enabled by default, allow reports and filter values to be cached in the Repository Database. This is used for taking a snapshot of a report, and for allowing users to choose filter values from a dropdown list. The Report Data Cache can also store data in memory. This will store the dataset of a Report Query for reuse within a configurable time period.

    Can I encrypt data in transit?

    Data in transit can be encrypted. This includes data travelling between the datasource and Yellowfin, and the rendered reports travelling from Yellowfin to the user’s browser.

    How is data in transit secured?

    Web traffic can be encrypted with SSL. This delivers data securely to the end user’s browser via HTTPS.

    Data travelling between Yellowfin and data sources can be encrypted by several means, including encryption enabled by specific JDBC drivers, HTTPS enabled links for XML/A and Third-Party connectors. Network traffic can also be encrypted externally with VPN links.

    Can users write back into my Data Repository?

    Write-back can be implemented in several ways, via code-widgets that allow write-back from a dashboard, or via links that are embedded in reports that take you to an external application where data can be modified and updates information in reports.
    Additionally you can create DB connections with users that only have read permissions to ensure the connection cannot be used for writing.

    Password Management

    How are passwords stored in Yellowfin?

    When using internal user authentication, Yellowfin passwords are encrypted with a one-way hash using the BCrypt algorithm. Passwords that require two-way encryption are encrypted with a Triple DES algorithm.

    Installations where external user authentication is used, like LDAP, SAML or webservice SSO, user passwords do not need to be stored in the application.

    Can I set a password policy for my users?

    Yes, Yellowfin supports password complexity rules, including length and included character and password reuse rules.

    How does Yellowfin support locking an account after failed login attempts?

    Yellowfin supports account locking when a configurable login attempt limit is met.

    Web Application Security

    How is access restricted for incoming requests?

    Web requests to the Yellowfin application are interrogated to ensure that an active session exists, and that the user associated with the session is allowed to perform the requested action.

    Additional security can be configured with custom ServletFilters to interrogate requests and perform custom logic. This may provide functionality like checking request origins or ensuring that a user has a valid SSO session.

    Yellowfin does ship some configurable ServletFilters that provide additional functionality, such as HTTP Refer checks, configurable application entry-points, and CSRF protection.

    How is access restricted for outgoing connections?

    Generally Yellowfin will only be making requests to external data sources. At a content level, access to different sources can be configured within the Application.

    At a network level, an outgoing firewall should be configured to only allow access to the required external resources.

    How does Yellowfin protect my environment from malicious code injection?

    Yellowfin features that allow code to be published are disabled by default, and need to be enabled for specific users. Yellowfin inputs are tested for XSS issues as part of our security testing.