1. Get rid of all advertisements and get unlimited access to documents by upgrading to Premium Membership. Upgrade to Premium Now and also get a Premium Badge!

R12-Ebusiness Suite System Administrator Essentials- Exam Prep - CSO 1

Discussion in 'System Administration & Application DBA' started by Ramji, Feb 10, 2012.

  1. Ramji

    Ramji Forum Guru

    Likes Received:
    Trophy Points:
    Introduction to Oracle Applications Security

    1. 6 Layers of Access Control each layer building on top of the below layer
    2. Function Security and Data Security are the Required Layers , rest are optional
    3. The 6 Layers are F,D,R,D,R,S (Function Security, Data Security, Rolebased Access Control,Delegated Administration,Registration Processes and Self Service Approvals)
    4. Oracle User Management OUM =RDRS the optional layer
    5. The Level of administration increases Flexibility and Scalability
    6. FD = Sys Amin RD= Local Admin and RS = End Users
    7. The Base Layer of the Model is Function Security
    8. Function Security restricts access to Menus and options, but not the data contained within
    9. Data Security restricts access to the data and what you can do with it ie. Actions you can do or not do once you access a menu.
    10. Data Security is not used by all Oracle Application Products.
    11. Products that do not use Data Security- Cash Management, Projects and Quality
    12. Data security restricts the actions and operations that can be performed on database objects.
    13. Data Security is set at All Instances, An Instance Set or a Specific Instance.
    14. Role Based Access Control is access controlled through Roles
    15. A Role is a one time setup performed to provide access to responsibilities , permissions and functions.
    16. Role is assigned to users who inherit the permissions based on the assignement.
    17. By changing the permissions or role inheritance hierarchy the users automatically inherit the new set of permissions without the need to individually assign them.
    18. Delegated administration builds on RBAC to delegate the rights needed to manage users and roles.
    19. In a decentralized model the system administrator could sit in New York and local administrators could assist him from Sydney or London.
    20. Administration privileges are assigned to local administrators to determine the roles, users and organizations they can manage.
    21. User Administration Privileges control the group of users the local administrators can manage. E.g. query only for one group, full privileges for another group and so on.
    22. Role administration Privileges control what roles the local administrator can assign and revoke.
    23. Organization Administration Privileges determine which organizations the local admin can access.
    24. Registration Processes enable users to perform initial registration tasks.
    25. Self service account creation request eg Initial User Registration, Request for additional access and the account creation process by local administrators is streamlined.
    26. Ensures consistency and uniform application of the Organizations security policies.
    27. End Users can perform self service and approval tasks like creating new user accounts, resetting passwords and requesting additional system access