Sunday, June 14, 2009

Role Based Access Control

For 12.0.6 and higher versions and 12.1.1 and higher versions....


Due to external regulatory and auditing requirements some customers cannot assign both unrestricted execution and setup access to the same resource or user.

With the introduction of RBAC, security can be driven at a more granular level.
This change will allow them the ability to declare to which application ID and sensitivity level a user has access based on the user’s assigned role.

By leveraging the RBAC model, roles can be granted to users through responsibilities.
Roles can now be defined to consolidate responsibilities and other roles through role inheritance, as well as lower level permissions and data security policies.

This is accomplished through a one-time setup, where all the permissions are assigned to the role.

Users can access Oracle E-Business Suite Diagnostics capability using the seeded responsibility called “Application Diagnostics”

There are three seeded roles:
Diagnostics Super User Role
Application Super User Role
Application End User Role

The assignment of these roles can be implemented through Oracle User Management (UMX).

System administrators can use RBAC to define more granular roles to help restrict execution and setup access for their users.

No comments:

Post a Comment