Hi!
I've a client with questions regarding cube security. I've explained about role-based security which is driven by Active Directory user account membership in security groups. I've talked about data-driven security models. I've described dimensional and cell security ('atomic security').
But one question remains: how effective is it? What I believe is really being asked by my client is: how easy is it to crack?
Now, I've never heard of a direct attack on an SSAS cube succeeding. Have you? Have you ever noted a failed intrusion attempt?
I'm well aware that there are many other potential attack vectors, especially if the cracker gains access to the file system. But here I am talking about a SharePoint-based front end containing the business intelligence portal to the presentation layer. Authorised self-service users can also gain direct access to the presentation layer via an intranet IP. These are the access paths I'm talking about.
FYI, although I'm referring to a fully-patched SSAS 2012/2014 installation, I'd like to ask you if you've ever heard of any attempt to crack an SSAS cube, of any version.
Cheers,