Security Guide for Siebel eBusiness Applications > Configuring Access Control >

About Access Control


Access control is the term used to describe the set of Siebel application mechanisms that control user access to data and application functionality.

NOTE:  As you work with this chapter, you should determine how the terminology and concepts presented here correspond to your company's internal terminology and structure. This chapter explains the mechanism and their general use, but you will have to decide during the planning stage how to combine the mechanisms to meet your business and security needs.

In Siebel application terms, a screen represents a broad area of functionality, such as working on accounts. Each screen is represented as a tab at the top of the window. In the example below, the Accounts screen is displayed.

Each screen contains multiple views to provide different kinds of access to the data. To the user, a view is simply a Web page. Within a view, the user may see lists of data records or forms, presenting individual or multiple records, and sometimes child records. (These lists and forms are referred to as applets in a configuration context.) Each view (or grouping of views) is represented by text in the link bar below the screen tabs.

For example, Figure 9 shows the Account List View, which corresponds to the applet title My Accounts (the current visibility filter selection). Multiple visibility modes provide access to different views that filter the data differently. In the Account List View, the current user can view accounts owned or assigned to this user. This view includes an Accounts list and an accompanying form with detail for the selected account. Choosing All Accounts from the visibility filter displays the All Account List View instead—assuming the user has access to this view.

Figure 9.  My Accounts View
Click for full size image

Access control elements include the following:

  • Application-level access control. The set of screens that a user has access to are determined by the applications that your company has purchased. Each application is made of a set of available screens.
  • View-level access control. Within the available screens, you can control the views that are available to a particular user through responsibilities. A responsibility defines a collection of views that represent the data and functionality needed to perform a job function.
  • Record-level access control. You can control data records that each user can see through a variety of mechanisms, including direct record ownership by a user, being on a team working with the record, or being a member of the same organization as the record owner.

The sections that follow examine access control further:

  • Parties. People, entities representing people, and collections of people are unified as parties. Different party types have different access control mechanisms available. For details, see Access Control for Parties.
  • Data. The type of data and whether the data is categorized determines which access control mechanisms can be applied. For details, see Access Control for Data.
  • Access control mechanisms. Access control mechanisms you apply to parties and data determines what data a user sees.

For further information, see also the following:

Security Guide for Siebel eBusiness Applications