|LFX Database of Managed Objects (DMO): User Guide for the Database of Managed Objects|
|<<< Previous||Next >>>|
The Database of Managed Objects (DMO) is a software package that was developed by CSO Lanifex GmbH as part of its Security Consulting and Audit practice, in Vienna, Austria. First developed in 2001, the software was provided to customers who needed to build an inventory of all systems, applications and components within their IT infrastructure. Since then, the tool has grown extensively in capabilities, and now offers many features relevant to IT Operations and Security.
DMO provides an object-based view of information, and allows modelling of hierarchical and other non-relational or arbitrary relationships between its data elements. It can also be seen as a database in its own right, although internally it maps all operations to SQL syntax. Thus, it may be described as an Object-Relational layer on top of a traditional SQL RDBMS. For many of its data exchange operations it supports XML syntax, allowing for ease of import or export of information.
DMO deals with three major entities:
Definitions -- descriptions of objects which might exist within the enterprise
Instances -- specific objects which exist, i.e., instances of definitions
Attributes -- defined as potential values for definitions, but become actual values for instances
All Definitions are defined into a single tree structure, with a single root, and each definition has one parent in the tree (which is another definition, the obvious exception being the root definition.) In addition, Instances may be organized into similar trees, however they may also exist without such a hierarchy, and there may be an unlimited number of such Instance Trees.
Definitions, Instances and Attributes are all user-defined, which means the system administrator can add new definitions, or change existing definitions according to their needs. In addition, instances may be associated with attributes which are inherited from their definitions. If a desired attribute does not exist, it may easily be added, and used immediately without reloading the data.
An important feature of the DMO is a comprehensive Access Control system, which means that definitions and instances may be assigned ownership (user and group), and users and groups may have access rights enforced, which can limit a user's view of certain objects, or their ability to change them.