Security Guide for Siebel eBusiness Applications > About Security Resources for Siebel Applications > Siebel Security Architecture >

Authorization to Control Data Visibility


Authorization refers to the privileges or resources that a user is entitled to within Siebel applications. Even among authenticated users, organizations generally want to restrict visibility to system data. Siebel applications use two primary access control mechanisms:

Access control provides Siebel customers with unified administration for access to millions of content items for millions of users.

View-Level Access Control

Organizations are generally arranged around functions, with employees being assigned one or more functions. View-level access control determines what parts of the Siebel application a user can access, based on the functions assigned to that user. In Siebel applications, these functions are called responsibilities.

Responsibilities define the collection of views to which a user has access. An employee assigned to one responsibility may not have access to parts of the Siebel applications associated with another set of responsibilities. For example, typically a system administrator has access to view and manage user profiles, while other employees do not.

Each user's primary responsibility also controls the default screen or view tab layout for the user. For more information, see Managing Tab Layouts Through Responsibilities.

Record-Level Access Control

Record-level access control assigns permissions to individual data items within an application. This allows Siebel customers to authorize only those authenticated users that need to view particular data records to access that information.

Siebel applications use three types of record-level access: position-based, organization-based, and access group-based. When a particular position, organization, or access group is assigned to a data record, only employees within that position, organization, or access group can view that record.


 Security Guide for Siebel eBusiness Applications 
 Published: 23 June 2003