“Today knowledge has power. It controls access to opportunity and advancement.”
Peter Drucker.
Permissions are an important part of an OSS, particularly in a carrier with many different operational groups.
They are the mechanism that only allows a user to access the parts of the OSS, or its data sets, that are necessary for their particular role. From analysing many different products over the years, it seems that most OSS are able to segregate on data types but not so great at permission control by domain.
An example might be that an engineer in the transmission team will need read-write access to the network devices function because she regularly manages the addition of new transmission devices. Furthermore, an engineer in the mobiles team also needs read-write access to their mobile devices. So both engineers are given access to the OSS’s device functionality. But without additional permissions to limit their access to network devices only in their own domains, it’s possible for these engineers to make updates outside their jurisdiction.
When it comes to permissions, most OSS can slice, but not many can slice and dice.
The interesting part about this situation is that most CSPs are organised around operational domains (eg transmission, mobility) but most OSS are built around functional domains (eg network device management, circuit creation) in their database structures. Perhaps we’re starting from the wrong foundations?