Implementing Siebel Business Applications on DB2 UDB for z/OS > Security Concepts for z/OS >

About Siebel Application Data Security

All users must provide a user name and password to connect to Siebel Business Applications, regardless of whether they access them through the Siebel Developer Web Client, the Siebel Mobile Web Client, or the Siebel Web Client.

Each user name must be preregistered within the Siebel application and associated with a unique record. This unique record determines a user's access to data by association with Positions and Responsibilities.

• Responsibilities determine the screens and views that are available to an employee.
• Positions determine the data rows that appear in those views, and the data rows that are synchronized to a Mobile Web Client's local database.

Siebel Business Applications allow you to control user access to information from within the application. Because the need to know specific information is usually related to a particular responsibility, data access is defined by responsibility rather than by user.

Attachments that are not stored in the database are stored in a compressed, encrypted format on the Siebel File Server. Attachments are linked to data rows, and access to attachments is therefore restricted by a user's responsibilities and position.

For more information on these topics, refer to the Applications Administration Guide and the Security Guide for Siebel Business Applications.