Bookshelf Home | Contents | Index | Search | PDF

Siebel Analytics Web Administration Guide > Analytics Web Security >

Overview of Siebel Analytics Web Security

---

This section provides an overview of Siebel Analytics Web security.

Where Security Settings Are Made

Security settings that affect Siebel Analytics Web are made in the:

Server Administration Tool. This is where you:
Set permissions for business models, tables, columns, and subject areas
Specify database access for each user
Specify filters to limit the data accessible by users
Set authentication options

For more information, see Siebel Analytics Server Administration Guide.

Siebel Analytics Web. This is where you set permissions to catalog items, including dashboards, and the privilege to perform actions such as edit views, create iBots, and create prompts.
Catalog Manager. This is where you set permissions to catalog items, including dashboards, when working offline.

Security Goals

Your main security goals are to make sure that:

Only appropriate people can log on and access Siebel Analytics Web. This is achieved by assigning logon rights and authenticating users through the Analytics server. For more information about authentication, see Authentication.
Employees can only access the data that is appropriate to them. This is achieved by applying access control in the form of permissions.
Employees only have the ability to perform actions that are appropriate to them. This is achieved by applying user rights in the form of privileges.

Access Control and Permissions

Access control defines the ability of an account to access a shared catalog item. Catalog items are folders and reports, where folders are application folders, dashboard folders, and dashboard page folders. An account is either:

An individual user
A Web Group that has one or more users as members.

Permissions describe the type of access to an object that an account is permitted. Examples are Read and Full Control.

Each catalog item has an access control list that defines which accounts have which permissions to access the item. An access control list has the general form shown in Table 4.

Table 4.  Access Control List For a Catalog Item

Account	Permission
Web Group 1	Read
Web Group 3	Full Control
Web Group 8	Read
User 4	Read
User 9	Full Control
User 11	Full Control

For more info about permissions, see About Setting Permissions.

User Rights and Privileges

Privileges are the actions that users have the right to perform in Siebel Analytics Web. Example privileges are "Edit system-wide column formats" and "Create iBots."

Privileges are managed by associating them with accounts, that is, individual users or Web Groups. A specific account is either granted or denied a specific privilege. These associations are created in privilege assignment tables.

The general form of a privilege assignment table is shown in Table 5. The Web Groups in the right column are granted the privileges in the left column.

Table 5.  Privilege Assignment Table

Privilege	Accounts That Have Been Granted the Privilege
Privilege 1	Web Group 2, Web Group 4
Privilege 2	Web Group1, Web Group 3
Privilege 3	Web Group 1, user 3
Privilege 4	Web Group 1, user 1, user 4, user 6
Privilege 5	Web Group 2, Web Group 3, user 4

If a user, or any Web Group to which the user is a member, is not assigned a particular privilege, by default that user is denied that privilege.

For more info about privileges, see About Setting Privileges.

Authentication

Authentication is the process of using a username and password to identify a someone who is logging on. Authenticated users are then given appropriate authorization to access a system, in this case Siebel Analytics Web. Siebel Analytics Web does not have its own authentication system; it relies on the authentication system built into Siebel Analytics Server.

For more information about authentication, see Authentication.

Bookshelf Home | Contents | Index | Search | PDF