Siebel Analytics Installation and Configuration Guide > Configuring Authentication in Analytics and Operational Applications >

Data-Level Security in Analytics Applications

NOTE:  Data-level security in Siebel Analytics applications is based on the position- and organization-based security model of the Siebel operational applications. See Security Guide for Siebel eBusiness Applications.

Data-level security defines what the application user sees inside a report. The same report, when run by two different users, can bring up different data. This is similar to how the My Opportunities view in a Siebel operational application displays different data for different users. However, the structure of the report is the same for all users, with one exception. The exception is when a user does not have access to a column within a report. This is a rare case; Siebel Analytics handles this situation by returning the report without the column in question.

Data-level security is configured exclusively through the Analytics repository using Repository groups (the equivalent of Siebel responsibilities). It is configured at the logical layer, mostly on dimensions. The Fact tables, other than the most sensitive Revenue facts (Closed Revenue, Opty Revenue and Expected Revenue), are not secured directly. However, dimensions are secured, as shown in Table 51.

Other data security models such as custom models can be configured in the metadata using similar techniques. This security configuration requires an understanding of the business model setup and filtering mechanisms. See Siebel Analytics Server Administration Guide on using variables in the repository.

The security definition for the dimension decides the general area within which the user operates. The reports can further restrict access to the data within the report. For example, if a report contains a filter such as Employee.Login = valueof (USER), then this restricts the rows returned in the report to those where the user is the owner of the record.