Scribd Logo
Upload

Welcome to Scribd!

  • 59 views

    FusionSecurity - Day7 and 8

    Uploaded by

    amruthageetha
    This document discusses security concepts in Oracle Fusion including role-based access control, roles, duties, privileges, and data security. It explains that roles define what users can access and duties define specific permissions. Privileges grant access to functions while data security controls access to specific data using profiles, templates, and data roles. Overall it provides an overview of how Oracle Fusion implements security and access management for users, roles, data, and system functions.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd

    FusionSecurity - Day7 and 8

    Uploaded by

    amruthageetha
    59 views66 pages
    This document discusses security concepts in Oracle Fusion including role-based access control, roles, duties, privileges, and data security. It explains that roles define what users can access and duties define specific permissions. Privileges grant access to functions while data security controls access to specific data using profiles, templates, and data roles. Overall it provides an overview of how Oracle Fusion implements security and access management for users, roles, data, and system functions.

    Original Title

    FusionSecurity -Day7 and 8

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    This document discusses security concepts in Oracle Fusion including role-based access control, roles, duties, privileges, and data security. It explains that roles define what users can access and duties define specific permissions. Privileges grant access to functions while data security controls access to specific data using profiles, templates, and data roles. Overall it provides an overview of how Oracle Fusion implements security and access management for users, roles, data, and system functions.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    59 views66 pages

    FusionSecurity - Day7 and 8

    Uploaded by

    amruthageetha
    This document discusses security concepts in Oracle Fusion including role-based access control, roles, duties, privileges, and data security. It explains that roles define what users can access and duties define specific permissions. Privileges grant access to functions while data security controls access to specific data using profiles, templates, and data roles. Overall it provides an overview of how Oracle Fusion implements security and access management for users, roles, data, and system functions.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    of 66

    Oracle Fusion

    Security
    Day 8
    4
    Contents
    Introduction to User accounts

    Users and Role Provisioning

    User accounts work around

    Provisioning roles to users

    Managing security

    Managing security using OIM

    Managing security using APM

    Knowledge check

    Questions on Security 2
    We make experts - http://apps2fusion.com
    Security Overview

    WHO can do WHAT on


    WHICH set of data?

    3
    We make experts - http://apps2fusion.com
    Role Based Access Control

    User – Charles Watson has three roles

    Role – Human Resource Specialist


    Role – Employee
    Role – Line manager

    4
    We make experts - http://apps2fusion.com
    Roles
     Job role
    – Represents a job to which a user is assigned
    – Human Resource Specialist
    – Payroll Manager
    – Inherits duty roles
     Abstract role
    – Associated with a user irrespective of their job
    – Employee
    – Contingent worker
    – Line manager
    – Inherits duty roles

    5
    We make experts - http://apps2fusion.com
    Function Security Privileges
     Individual permissions to access workareas, dashboards, taskflows,
    pages, reports, batch programs, BI subject areas etc
     Also known as Entitlements

    View Manager Hire Employee


    Transaction
    Dashboard

    6
    We make experts - http://apps2fusion.com
    Data Security Privileges
     Secure access to data
     Secure access to actions and page regions

    Manage Person Promote Worker


    Phone Data Data

    7
    We make experts - http://apps2fusion.com
    Duty Roles
     Represents a duty that is performed by somebody
     Inherited by job roles and abstract roles
     Not assigned to users
     Security privileges granted to duty roles
     Used as building blocks

    Worker Promotion Employee Hire Duty


    Duty

    8
    We make experts - http://apps2fusion.com
    Function Security

    9
    We make experts - http://apps2fusion.com
    Data Security
     Security Profiles
    – Used to secure HCM data
    – Not Reference Data Sets
     Data Role Templates
    – Used to secure Reference Data Sets (SetIDs)

    10
    We make experts - http://apps2fusion.com
    Data Security
     HCM users access HCM data via direct assignment to abstract roles and
    data roles
     Security profiles are assigned to these roles
     Abstract roles
    – Included in reference implementation
    – Employee, contingent worker, line manager
    – Data security is implicit: secured via user context
     Data roles
    – Created by customers
    – Inherit job roles
    – Data security is explicit
    – Example: Human Resource Specialist – Vision Operations
    11
    We make experts - http://apps2fusion.com
    Data Security Role Inheritence

    Human Resource
    Specialist

    Absence Worker
    Users and Roles
    Management Duty Administration
    Processing Duty
    Duty

    Worker
    Person HCM Document
    Employment
    Management Duty Management Duty
    Maintenance Duty

    12
    We make experts - http://apps2fusion.com
    Data Security Role Inheritence

    Human Resource Human Resource


    Vision Corporation Vision Services
    Specialist – Vision Specialist – Vision
    security profiles security profiles
    Corporation Services

    Human Resource
    Specialist

    Absence Worker
    Users and Roles
    Management Duty Administration
    Processing Duty
    Duty

    Worker
    Person HCM Document
    Employment
    Management Duty Management Duty
    Maintenance Duty

    13
    We make experts - http://apps2fusion.com
    Data Security Role Inheritence

    Anna.morris David.east

    Human Resource Human Resource


    Vision Corporation Vision Services
    Specialist – Vision Specialist – Vision
    security profiles security profiles
    Corporation Services

    Human Resource
    Specialist

    Absence Worker
    Users and Roles
    Management Duty Administration
    Processing Duty
    Duty

    Worker
    Person HCM Document
    Employment
    Management Duty Management Duty
    Maintenance Duty

    14
    We make experts - http://apps2fusion.com
    Data Security

    15
    We make experts - http://apps2fusion.com
    Data Security

    16
    We make experts - http://apps2fusion.com
    Data Security
     Data Roles automatically created for combinations of Job Role and
    Reference Data Set
    – Each data role can access a single Reference Data Set
    – Data roles are assigned to users
     Data Role Templates
    – Contain rules for generation of Data Roles
    – Delivered as part of Reference Implementation
    – Managed and invoked via APM
     Create new Reference Data Set
    – Invoke SetID Data Role Templates from APM
     Create new Job Role
    – Add job role to Data Role Template if required and invoke Data Role
    Template
    17
    We make experts - http://apps2fusion.com
    Data Security – Data Role Templates
    (Payroll SLA security)
     Data Roles automatically created for combinations of Job Role and Payroll
    – Each data role can access SLA data for a single payroll
    – Data roles are assigned to users
    – Payroll SLA data roles generated for Payroll Manager in the reference
    implementation
     Create new Payroll
    – Invoke SetID Data Role Templates from APM
     Create new Job Role
    – Add job role to Payroll Data Role Template if required and invoke Data
    Role Template

    18
    We make experts - http://apps2fusion.com
    Roles and Duty Roles

    19
    We make experts - http://apps2fusion.com
    Job Roles, Duty Roles and Privileges

    20
    We make experts - http://apps2fusion.com
    Job Roles, Duty Roles, Privileges and Data
    Security Policies

    21
    We make experts - http://apps2fusion.com
    Steps
     Create Abstract and Job Roles
     Create Duty Roles
     Assign Duty Roles to Job/Abstract Roles

    22
    We make experts - http://apps2fusion.com
    Create Abstract and Job
    Roles

     Create Role

    23
    We make experts - http://apps2fusion.com
    XX_Employee Abstract role

    24
    We make experts - http://apps2fusion.com
    XX_Employee

    25
    We make experts - http://apps2fusion.com
    XX_Line Manager

    26
    We make experts - http://apps2fusion.com
    XX_Line Manager

    27
    We make experts - http://apps2fusion.com
    XX_PMP Human Resource Analyst

    28
    We make experts - http://apps2fusion.com
    XX_PMP Human Resource Analyst

    29
    We make experts - http://apps2fusion.com
    XX_PMP Human Resource Specialist

    30
    We make experts - http://apps2fusion.com
    XX_PMP Human Resource Specialist

    31
    We make experts - http://apps2fusion.com
    Create Duty Roles
    In Authorization Policy Manager
    Select hcm for the application and click on
    New application role

    32
    We make experts - http://apps2fusion.com
    XX_Performance management HR
    Specialist Duty

    33
    We make experts - http://apps2fusion.com
    XX_Performance Management HR
    Specialist Duty

    34
    We make experts - http://apps2fusion.com
    XX_Performance Management HR
    Specialist Duty

    35
    We make experts - http://apps2fusion.com
    XX_Performance Management HR
    Specialist Duty

    36
    We make experts - http://apps2fusion.com
    XX_ Performance Management HR
    Specialist Duty : Authorization Policy

    37
    We make experts - http://apps2fusion.com
    XX_Performance Management Line
    Manager Duty

    38
    We make experts - http://apps2fusion.com
    XX_ Performance Management Line
    Manager Duty

    39
    We make experts - http://apps2fusion.com
    XX Performance Management Line
    Manager Duty

    40
    We make experts - http://apps2fusion.com
    XX_Performance Management Line
    Manager Duty

    41
    We make experts - http://apps2fusion.com
    XX_Performance Management Line
    Manager Duty

    42
    We make experts - http://apps2fusion.com
    XX_Performance Management Line
    Manager Duty: Authorization Policy

    43
    We make experts - http://apps2fusion.com
    XX_Performance Management Line
    Manager Duty: Authorization Policy: Data
    Security

    44
    We make experts - http://apps2fusion.com
    XX_Performance Management Worker
    Duty

    45
    We make experts - http://apps2fusion.com
    XX_Performance Management Worker
    Duty

    46
    We make experts - http://apps2fusion.com
    XX_Performance Management Worker
    Duty

    47
    We make experts - http://apps2fusion.com
    XX_ Performance Management Worker
    Duty

    48
    We make experts - http://apps2fusion.com
    XX Performance Management Worker
    Duty

    49
    We make experts - http://apps2fusion.com
    XX_Performance Management Worker
    Duty Authorization Policy

    50
    We make experts - http://apps2fusion.com
    XX Performance Management Worker
    Duty
    Authorization Policy: Data Security

    51
    We make experts - http://apps2fusion.com
    Assign Duty Roles to
    Job/Abstract Roles
     In Authorization Policy Manager:
     Edit
    the Job/Abstract Roles (External
    Roles in APM)

    52
    We make experts - http://apps2fusion.com
    XX PMP Human Resource Specialist

    53
    We make experts - http://apps2fusion.com
    XX PMP Human Resource Specialist

    54
    We make experts - http://apps2fusion.com
    XX PMP Human Resource Specialist

    55
    We make experts - http://apps2fusion.com
    XX PMP Human Resource Specialist

    56
    We make experts - http://apps2fusion.com
    XX Line Manager

    57
    We make experts - http://apps2fusion.com
    XX Line Manager

    58
    We make experts - http://apps2fusion.com
    XX Line Manager

    59
    We make experts - http://apps2fusion.com
    XX Line Manager

    60
    We make experts - http://apps2fusion.com
    XX Employee

    61
    We make experts - http://apps2fusion.com
    XX PMP Human Resource Analyst

    62
    We make experts - http://apps2fusion.com
    XX PMP Human Resource Analyst

    63
    We make experts - http://apps2fusion.com
    XX PMP Human Resource Analyst

    64
    We make experts - http://apps2fusion.com
    XX PMP Human Resource Analyst

    65
    We make experts - http://apps2fusion.com
    66
    We make experts - http://apps2fusion.com

    You might also like