Bookshelf Home | Contents | Index | Search | PDF |
Siebel Analytics Web Administration Guide > Analytics Web Security >
Overview of Siebel Analytics Web Security
This section provides an overview of Siebel Analytics Web security.
Where Security Settings Are Made
Security settings that affect Siebel Analytics Web are made in the:
- Server Administration Tool. This is where you:
- Set permissions for business models, tables, columns, and subject areas
- Specify database access for each user
- Specify filters to limit the data accessible by users
- Set authentication options
For more information, see Siebel Analytics Server Administration Guide.
- Siebel Analytics Web. This is where you set permissions to catalog items, including dashboards, and the privilege to perform actions such as edit views, create iBots, and create prompts.
- Catalog Manager. This is where you set permissions to catalog items, including dashboards, when working offline.
Security Goals
Your main security goals are to make sure that:
- Only appropriate people can log on and access Siebel Analytics Web. This is achieved by assigning logon rights and authenticating users through the Analytics server. For more information about authentication, see Authentication.
- Employees can only access the data that is appropriate to them. This is achieved by applying access control in the form of permissions.
- Employees only have the ability to perform actions that are appropriate to them. This is achieved by applying user rights in the form of privileges.
Access Control and Permissions
Access control defines the ability of an account to access a shared catalog item. Catalog items are folders and reports, where folders are application folders, dashboard folders, and dashboard page folders. An account is either:
- An individual user
- A Web Group that has one or more users as members.
Permissions describe the type of access to an object that an account is permitted. Examples are Read and Full Control.
Each catalog item has an access control list that defines which accounts have which permissions to access the item. An access control list has the general form shown in Table 4.
Table 4. Access Control List For a Catalog Item Account Permission Web Group 1 Read Web Group 3 Full Control Web Group 8 Read User 4 Read User 9 Full Control User 11 Full ControlFor more info about permissions, see About Setting Permissions.
User Rights and Privileges
Privileges are the actions that users have the right to perform in Siebel Analytics Web. Example privileges are "Edit system-wide column formats" and "Create iBots."
Privileges are managed by associating them with accounts, that is, individual users or Web Groups. A specific account is either granted or denied a specific privilege. These associations are created in privilege assignment tables.
The general form of a privilege assignment table is shown in Table 5. The Web Groups in the right column are granted the privileges in the left column.
If a user, or any Web Group to which the user is a member, is not assigned a particular privilege, by default that user is denied that privilege.
For more info about privileges, see About Setting Privileges.
Authentication
Authentication is the process of using a username and password to identify a someone who is logging on. Authenticated users are then given appropriate authorization to access a system, in this case Siebel Analytics Web. Siebel Analytics Web does not have its own authentication system; it relies on the authentication system built into Siebel Analytics Server.
For more information about authentication, see Authentication.
Bookshelf Home | Contents | Index | Search | PDF |
Siebel Analytics Web Administration Guide Published: 18 April 2003 |