Object:  An element, Dataset or User Map, Reference Object, or configured item that is used in support of Metric Insights functionality; e.g., Metric, Category, Data Source, Template, Folder

Privilege:  A right granted to a Group or individual User that allows the member or User to perform specific Metric Insights functions or use non-configurable methods of fetching data; e.g., Create Folders, Create Datasets, Create Content using CSV files, Maintain Personal Settings

Permission:  A right granted to a Group or individual User that allows the member or User to access content; i.e., data contained in an object.  Types of Permissions include:

• Use Access:  Allows a Power User to use an object when creating other objects or fetching data: e.g., Configurable Data Sources, Data Collection Trigger
• View Access:  Permits a Regular or Power User to see content in an element, Dataset/User Map, Dimension, Category
• Edit Access:  Grants a Power User the ability to edit an object using its Editor

User:  A person who has an account in Metric Insights:  Types of Users and their capabilities are:

• Administrator (Admin): Can perform any function in the system, maintain all types of objects and see all data; has all Privileges and Permissions automatically
  • In Rel. 6.2.3, an Admin may be designated as a System Admin with all of the same capabilities as an Admin in previous releases.  If the new setting is "No", it is possible to prevent an Admin from maintaining System Variables and System Backups as well as "logging in as" or editing the accounts of those designated as System Admin = "Yes".
• Regular User (RU): Based on assigned Privileges and Permissions, can View selected elements and objects, organize their content into Favorites, Folders and Bursts and maintain personal settings but cannot create content or edit other objects
• Power User (PU): Given assigned Privileges and Permissions, can see selected elements and objects, organize their content into Favorites, Folders and Bursts, maintain personal settings,  create content and maintain objects that the PU creates or to which the PU has been granted Edit Access

Groups:  Created to allow Members (Power Users and/or Regular Users) to inherit the same set of Privileges and Permissions that have been granted to the Group.  Types of Groups include:

• Default Group:  one and only one Default Group is created upon initial configuration of Metric Insights in order to have a basic set of Privileges and Permissions to be given to many users; may be updated at any time
• All Access Groups:  one or more Groups that have basic View Access to all elements, Dimensions and Categories and selected assigned Privileges and Permissions that are inherited by all members
• Custom Group: one or more Groups that are granted specific Privileges and Permissions; typically established for a homogeneous group of users; e.g., the HR department, all Sales staff in a particular geographic area

In the manual found in Help & Documentation  > Controlling Access within Metric Insights, its sections contain detailed articles that describe the security applied to each object.