PCI/CFR Overview > User Authentication and Roles

User Authentication and Roles

Before someone can start using the PCI/CFR software, they are required to authenticate by entering their Windows password. In addition, after 15 minutes of inactivity, the system will require the user to reauthenticate. These features help to ensure that activity within the sofware is attributed to the correct person.

The functions of the software can be divided into four broad categories: acquiring data, viewing data, modifying data and signing data. A user's ability to perform functions in a category is controlled by the user's membership in one or more Windows' Local Groups on the computer.

Windows Local Group	Membership grants ability to:
PCICFR-Acquire	Acquire images and save only newly acquired images
PCICFR-ReadOnly	Open images but not change or save them
PCICFR-ReadWrite	Open, change and save images
PCICFR-Sign	Digitally sign images

Users can belong to more than one of these groups. By assigning users to different combinations of groups, you can create different roles for users. For example, a `Reviewer' may belong to the PCICFR-ReadOnly and PCICFR-Sign groups which would permit that person to open files and sign them, but not to acquire new data or process or annotate images.

These groups are normally created during the installation of PCI/CFR. The system administrator will need to add the appropriate users to each group as discussed in Configuration of the PCICFR- Local Groups.