Security Configuration Considerations on the FICO Analytic Cloud
The following information describes the security implications when using Xpress Executor on the FICO Analytic Cloud.
Xpress Executor operates in a secure configuration when deployed on the FICO Analytic Cloud. This secure configuration enforces a number of restrictions:
- Solver algorithms are limited to 4 threads.
- Module parameters can only be set in the model itself.
- mmjobs: routines 'connect' and 'detach' are disabled.
- mmhttp: routines httpget, put, post, get and startsrv are disabled.
- mmodbc: connection strings must be of the form "DSN=<dsn>" or use the integrated 'sqlite' driver.
- mosjvm: Java classes will execute under a security manager to prevent access to files outside the Mosel work directory, starting subprocesses, accessing databases or network resources; For more, see the section "Use in Mosel Restricted Mode" of the "Mosel to Java Module" reference manual.
![]() |
Note These restrictions are in addition to the default rules:
|
- NoExec (no system calls or interaction with external native code)
- NoReadNoWriteWDOnly (file system access restricted to the current working directory only)