Master Controller Security Administrator
MCSA is responsible for NTMC security administration, including definition of user groups and user accounts. Once security databases are defined, security policies are enforced in real time by all NTMC components. The sections below summarize the program’s most important activities.
Definition of User Groups
Each user group is a collection of rules, or privileges granted to its members. The rules are specified for each class of NTMC objects, such as remote units, loads, capacitor banks, etc. The rules define activities permitted when group members are dealing with such system objects. For example, in the case shown below, members of the group Irrigators are allowed to view and operate load management loads, but they are not allowed to do anything else with them.
Definition of User Accounts
To access NTMC each user needs to have an account. Every account defines the following user attributes:
 | Username and password - used by security system to authenticate the account owner |
| Group membership - used by security system for authorization purposes |
| First Name and Last Name - used by the system to create audit trails |
For example, in the case shown below, the account identified by username JSmith belongs to a person named John Smith who belongs to the group Operators.
Once logged on all user activities are recorded in event log files by all NTMC components. As usual, all events are time stamped and categorized. In addition, all events manually triggered by a user also record the username, user first name, and user last name. Log - On events additionally identify user's host (computer) network id, or the internet when Log-On is via the internet.
NTMC Object Ownership
Provides even tighter control over access to NTMC resources via the internet. When a particular NTMC object is owned by a user, and that object is tagged so that it can be accessed by owners only (Owner Access Only, or OAO in the figure above), only that user can access the owned object. In the example above, John Smith owns the load called Irrigator9. Since Irrigator9 is tagged with Owner Access Only, only John Smith is able to access the abovementioned load even though other members of the group Irrigators have the privilege to view NTMC objects of class Load.
Usage
MCSA is a security database editor. Once database is defined MCSA can be terminated. Security manager, integrated into all NTMC server components, reads the database and enforces security policies in real time, throughout the system. MCSA needs to be run only when one is modifying security database.