Bookshelf v7.5.3: Data-Level Security

NOTE: Data-level security in Siebel Analytics applications is based on the position- and organization-based security model of the Siebel operational applications. See Security Guide for Siebel eBusiness Applications.

The same report, when run by two different users, can bring up different data. This is similar to how the My Opportunities view in a Siebel operational application displays different data for different users. However, the structure of the report is the same for all users, with one exception. The exception is when a user does not have access to a column within a report. This is a rare case; Siebel Analytics handles this situation by returning the report without the column in question.

Data-level security is configured exclusively through the Analytics repository using Repository groups (the equivalent of Siebel responsibilities). It is configured at the logical layer, mostly on dimensions. The Fact tables, other than the most sensitive Revenue facts (Closed Revenue, Opty Revenue and Expected Revenue), are not secured directly. However, dimensions are secured, as shown in Table 21.

Other data security models such as custom models can be configured in the metadata using similar techniques. This security configuration requires an understanding of the business model setup and filtering mechanisms. See Siebel Analytics Server Administration Guide on using variables in the repository.

Table 21. Security Configuration by Dimension
Dimensions Secured	Primary Owner	Primary Position	Org Based
Accounts		X	X
Activities	X
Assets	X	X	X
Campaigns			X
Claims (Financial Services & Life Sciences)		X
Contacts		X	X
Employee (OLTP)		X
Revenue Fact		X
—Closed Revenue		X	X
—Opportunity Revenue		X	X
—Expected Revenue		X	X
Funds (Through Accts) (Consumer Goods)			X
Promotions (Through Accts) (Consumer Goods)			X
Holdings (Financial Services & Life Sciences)		X
Households			X
Opportunity		X	X
Orders		X	X
Organization (OLTP)		X
Programs			X
Quotes		X	X
Responses	X
Review Or Objective (OLTP)		X
Segment		X	X
Service Requests	X		X
W_ACT_PROD_F (Financial Services & Life Sciences)		X
W_MED_ED_F (Financial Services & Life Sciences)		X
W_OBJECTIVE_F (Financial Services & Life Sciences)		X
W_PER_RANK_F (Financial Services & Life Sciences)		X
W_SYND_DATA_F (Financial Services & Life Sciences)		X
W_SYND_MKT_F (Financial Services & Life Sciences)		X

The security definition for the dimension decides the general area within which the user operates. The reports can further restrict access to the data within the report. For example, if a report contains a filter such as Employee.Login = valueof (USER), then this restricts the rows returned in the report to those where the user is the owner of the record.