Security Guide for Siebel eBusiness Applications > Configuring Access Control > About Access Control >

Access Control for Data

The following groupings of data are necessary for purposes of discussing access control:

• Customer data
  • Customer data includes contacts and transactional data such as opportunities, orders, quotes, service requests, and accounts.
  • Access is controlled at the data item level, through a mechanism such as individual record ownership or ownership by an organization.
• Master data
  • Master data includes the following referential data: products, literature, solutions, resolution items, decision issues, events, training courses, and competitors.
  • Master data can be grouped into categories of similar items—for example, hard drives. Categories can then be organized into catalogs—for example, computer hardware—which are hierarchies of categories. Access can be controlled at the catalog and category levels through access groups, which is the recommended strategy for controlling access to master data. For more information about creating catalogs, see Siebel eSales Administration Guide.
  • Master data can be associated with organizations. By associating master data with organizations, access can be controlled at the data item level. This strategy requires more administration than the access group strategy.

    NOTE:  Divisions provide a way to logically group positions and assign currencies. Organizations provide a mechanism to control data access.

• Other data
  • Other data includes referential data that is not master data, such as price lists, cost lists, rate lists, and SmartScripts.
  • Access is controlled at the data item level.

Data Categorization for Master Data

Master data can be organized into catalogs made up of hierarchical categories. Organizing data this way serves two purposes:

• Ease of navigation. Categorized data is easier to navigate and search. For example, it is easy to find products of interest in a product catalog organized by product lines and subgroups of related products. For example: Computer Hardware > Hard Drives > Server Drives.
• Access control. Access to catalogs and categories of master data can be granted to collections of users. This is an efficient means to control data access in given business scenarios. For example, you can control partner users' access to your internal literature.

You can categorize master data to represent hierarchical structures, such as product catalogs, geographical categories, service entitlement levels, training subject areas, or channel partners.

A catalog is a single hierarchy of categories, as illustrated in Figure 10.

Figure 10.  Example Catalog/Category Hierarchy

The following properties apply to catalogs and categories:

• A catalog is a collection or hierarchy of categories.
• Individual data items are contained in categories.
• A category can contain one or more types of master data.
• A category can be a node in only one catalog.
• A data item can exist in one or more categories, in one or more catalogs.
• A catalog can be public or private. If it is private, some access control is applied at the catalog level. If it is public, then all users can see this catalog, but not necessarily categories within this catalog, depending on whether the categories are private or public.