Professional Documents
Culture Documents
Release 10
– Role-based Access Control (RBAC): Grant function and data access to users
through the roles assigned to them, not to the users directly.
– Function Security: Provide users with access to pages in application user
interfaces and controls the actions that can be performed on those pages.
• Each function security privilege secures the code resources that make up the relevant UI page
– Data Security: Allow or restrict access to data in pages depending on policies,
conditions, masking, and encryption. Data security allows users to view data in
those pages
– Privacy: Secures data that should not be available to other individuals and
organizations, or data whose exposure and use is under the owner's control.
Oracle Confidential Copyright © 2015 Oracle and/or its affiliates. All rights reserved. |
Roles
Key Concept
Data Role: Specific to a job within a dimension of data, and augments the inherited
abstract, duty, or job roles with entitlement to access specific data.
• such as access for a procurement manager in a particular business unit (Or)
Processing Payables Invoice for a specific BU
Duty Role 4
P6
P1 P2 P3 P4 Duty Role 5
====================================================================================
Procurement Job Role
Manager Job Role
Search
Supplier Qualification
Supplier Privileges
Viewing Duty
Qualification
Create Cancel Create Transfer
Purchase Purchase Purchase BPA to
Order Order Agreement Supplier
View
Supplier Assessment
Supplier
Viewing Duty
Assessment
Abstract
Job Procurement Role
Employee
Roles Manager
Duty Buyer Mgt PO Changes Duty Roles Enter Expenses Submit Expenses
Roles Duty Duty
Job Role 1
Assign Job Role 2
Data Role 1
Requisitioning Role Template Abstract Role 1
(Job Role 1 for a BU)
Business Function .
.
Data Role 2
(Job Role 2 for a BU)
Assign Purchasing
Business Function
Data Role 3
(Abstract Role 1 for a BU)
Assign Invoicing
Business Function • A Role template is created for Each Business Function
uthenti^(
Protect Data Database Operational Data DBA /
DBA Manager
in Motion with Protect Data from Vault
Network View and Alteration Select SALARY
X
Encryption using as well as Insider from users;
Operational
Alter table …. DBA
• NOTE: The listed documents are available in the Oracle Documentation Library, which you can
access from: http://docs.oracle.com/
Related Courses:
• Fusion Applications: Security Fundamentals