Data Security 1. Data Security controls what data a user can see when he selects a menu or function and what actions he can perform on that data. 2. Data Security Policies restrict access to a)Alll Instances b)A specific Instance and c)An instance set. 3. An object is a system entity subject to access control and usually corresponds to a table. 4. An object is a system entity on which an operation can be performed like create, update, approve, reject, escalate and permissions are needed to perform these operations. 5. Grant is access given to users through responsibilities. 6. Grantee can be a specific user, all users or a group of users. 7. Grants dealing with Business Objects are called data security policies. 8. Grants dealing with application functionality is called function security. 9. Permission is an approval to perform an operation on an object. 10. OUM uses data security for its customer administrator role. 11. Functions are context dependant . a) Responsibility b)Organization c)Security Group and d)None. 12. Direct Responsibilities – Responsibilities assigned to the users directly. 13. Indirect Responsibilities – Inherited indirectly from OUM by a user by virtue of being a member of a group. This is read only. 14. Minimum Password Length can be set by profile. Default is 5 15. Password hard to guess is set by a profile and a)should contain at least 1 number and 1 letter b)should not contain repeating characters c)should not contain the user name 16. Passwords cannot contain control letters that cannot be printed. 17. Responsibilities cannot be deleted. End date to be used. 18. Securing attributes is used by self service and HTML applications to return values based on the data contained in the row. 19. Compile security Concurrent program kicks off automatically to compile menus when you make changes. 20. Users of a Responsibility – Report lists the users with access to specific/all responsibilities 21. Active Responsibilities Report- List responsibilities that are active and the users with access to them. 22. Active users – Users currently active with at least one active responsibility assigned to them. 23. Reports and Sets by Responsibility – Lists responsibilities and request security groups.