Security Guide for Siebel Business Applications > Configuring Access Control > About Access Control >
Access Control for Data
The following groupings of data are necessary for purposes of discussing access control:
- Customer data
- Customer data includes contacts and transactional data such as opportunities, orders, quotes, service requests, and accounts.
- Access is controlled at the data item level, through a mechanism such as individual record ownership or ownership by an organization.
- Master data
- Other data
- Other data includes referential data that is not master data, such as price lists, cost lists, rate lists, and SmartScripts.
- Access is controlled at the data item level.
Data Categorization for Master Data
Master data can be organized into catalogs made up of hierarchical categories. Organizing data this way serves two purposes:
- Ease of navigation. Categorized data is easier to navigate and search. For example, it is easy to find products of interest in a product catalog organized by product lines and subgroups of related products. For example: Computer Hardware > Hard Drives > Server Drives.
- Access control. Access to catalogs and categories of master data can be granted to collections of users. This is an efficient means to control data access in given business scenarios. For example, you can control partner users' access to your internal literature.
You can categorize master data to represent hierarchical structures, such as product catalogs, geographical categories, service entitlement levels, training subject areas, or channel partners.
A catalog is a single hierarchy of categories, as illustrated in Figure 10.
Figure 10. Example Catalog/Category Hierarchy
The following properties apply to catalogs and categories:
- A catalog is a collection or hierarchy of categories.
- Individual data items are contained in categories.
- A category can contain one or more types of master data.
- A category can be a node in only one catalog.
- A data item can exist in one or more categories, in one or more catalogs.
- A catalog can be public or private. If it is private, some access control is applied at the catalog level. If it is public, then all users can see this catalog, but not necessarily categories within this catalog, depending on whether the categories are private or public.