L14 assigning access

14Copyright © 2008, Oracle. All rights reserved.

Assigning Access to Data and Documents

Copyright © 2008, Oracle. All rights reserved.

Objectives

After completing this lesson, you should be able to:

• Describe application settings for security

• Explain how users’ data and document access rights are determined

• Define security classes

• Assign users and groups access to security classes

• Run security reports

• Configure security auditing

• Run auditing reports

• Load and extract security files

• Migrate security

Copyright © 2008, Oracle. All rights reserved.

Application Settings and Security

Application settings

Entity dimension

East Sales(Member Attribute)

SecurityClass = US

Account Scenario Custom1 Custom2 Custom3 Custom4ICP

UseSecurityForEntities = YUseSecurityForAccounts = YUseSecurityForScenario = Y

Security classes

USEuropeAustralia

Copyright © 2008, Oracle. All rights reserved.

Data Access

Access to a data cell is determined by the user’s most restrictive member access.

MemberUser Accessto Member

Sales All

Costs Read

Florida All

France None

All/None

Read/None

All/All

Read/All

Copyright © 2008, Oracle. All rights reserved.

Document Access

Every document has a security class.

Copyright © 2008, Oracle. All rights reserved.

Defining Security Classes

You associate the security class dimension with the Security Class properties of the dimensions for which security is enabled.

[Default] is a system-generated security class.

Dimension association

Copyright © 2008, Oracle. All rights reserved.

Assigning Access to Security Classes

Assigns access for the currently selected cells

Enables email alerts

Copyright © 2008, Oracle. All rights reserved.

Running Security Reports

Copyright © 2008, Oracle. All rights reserved.

Configuring Security Auditing

Configure auditing at – Global level for all applications – Project level for specified projects– Application level for specified applications

Specify activities to audit at global, project, and application levels

Global Project Application

Copyright © 2008, Oracle. All rights reserved.

Running Auditing Reports

Copyright © 2008, Oracle. All rights reserved.

Loading Security Files

!USERS_AND_GROUPSFINAPPS\AdminGroupFINAPPS\ChrisWFINAPPS\PatM

!ROLE_ACCESSAdministrator;FINAPPS\trnadminLoad System; FINAPPS\AdminGroupReviewer1; FINAPPS\PatM

!SECURITY_CLASS_ACCESSSystem;FINAPPS\AdminGroup;All;YSystem;FINAPPS\ChrisW;Read;YEurope;FINAPPS\ChrisW;All;Y

Copyright © 2008, Oracle. All rights reserved.

Loading Security

Copyright © 2008, Oracle. All rights reserved.

Extracting Security

Copyright © 2008, Oracle. All rights reserved.

Migrating Security

Use the Application Migration Wizard to migrate security artifacts.

Define Migration

Copyright © 2008, Oracle. All rights reserved.

Summary

In this lesson, you should have learned to:

• Describe application settings for security

• Explain how users’ data and document access rights are determined

• Create security classes

• Assign users and groups access to security classes

• Run security reports

• Configure security auditing

• Run auditing reports

• Load and extract security files

• Migrate security