Skip Headers
Oracle® Beehive Concepts
Release 1 (1.4)

Part Number E13794-02
Go to Documentation Home
Go to Book List
Book List
Go to Table of Contents
Go to Index
Go to Feedback page
Contact Us

Go to previous page
Go to next page
View PDF


access control

The mechanism that grants or denies Oracle Beehive users the ability to perform various actions, such as add, view, modify, or delete entities. Access control can be applied explicitly on objects through access control lists (ACLs) containing access control entities (ACEs). Additionally, access control can be applied to users implicitly through the use of roles. See also: access control entry (ACE), access control list (ACL), access type, privilege, role, sensitivity.

access control entry (ACE)

An entry in an access control list (ACL) on an accessible object, such as a file, folder, workspace, or calendar. Each ACE contains three values: the entity, which specifies the object to which the ACE applies; the accessor, which specifies for whom this ACE applies (such as a user or members of a specified group); and a string defining access types (read, write, discover, execute, and delete). See also: access control, access control list (ACL), access type.

access control list (ACL)

A list of one or more access control entities (ACEs) that applies to a specific object in Oracle Beehive and that defines who can access the object and with what privileges. See also: access control entry (ACE), privilege, sensitivity.

access type

The component of an access control entry (ACE) that specifies how a user can access an object, if at all. An ACE can include one or more of the following access types: view, modify, discover, execute, and delete. See also: access control, access control entry (ACE).


An entity, such as a user or a service, that can act upon other entities.

address book

A list of people and their contact information entered or specified by a user or a group of users for facilitating collaboration.


A user who has special privileges, such as the ability to manage and control aspects of the system. See also: system administrator and workspace administrator.


A time-sensitive message to one or more users that typically requires the immediate attention of its recipients, sometimes in the form of actionable responses. See also: notification.


A type of entity that users can view, create, modify, or delete. Artifacts are the results of communications and other collaborative activities, and include e-mail messages, meeting entries, online discussions, and documents, to name a few. Oracle Beehive stores artifacts in Oracle Database.


The process of verifying credentials, such as a user name and password, for granting or denying a user access to the system.


The process of granting or denying a user access to services, features, and artifacts. Authorization is a superset of access control.

Beehive Transport Infrastructure (BTI)

Enables connectivity between Oracle Beehive and supported clients. The BTI enables client connections to navigate and traverse obstacles such as firewalls, forward and reverse proxies, load balancers, virtual hosts, and demilitarized zones (DMZs) while ensuring secure, stable, and persistent connections.


A one-way communication, such as an instant message, that a user, an administrator, or the system sends to multiple users simultaneously.

business event

An event that triggers business logic, such as by initiating workflows or applying policies. An example of a business event is when a user creates a document and it initiates a specific approval and notification process. See also: object event.


An online discussion that occurs between two or more Oracle Beehive users through instant messaging.


The ability to integrate Oracle Beehive with another system (or application) so that current data from each system is exposed to the users of the other system. Currently, Oracle Beehive supports coexistence with Microsoft Exchange Server 2003 only.


The process of two or more people working together for a common objective.


A person who is associated with Oracle Beehive users. A contact is either an internal contact (an enterprise or extended-enterprise user) or an external contact (outside of an enterprise). By default, all Oracle Beehive users are contacts, but external contacts do not have user accounts. Directories as well as workspace and personal address books can contain internal contacts, however only workspace and personal address books can contain external contacts.

contact list

See people list.


A special type of object that can hold other objects within it. Containers include all of the various levels of scope, such as enterprise, organization, and workspace, as well as specialized containers such as folders (which contain files) and calendars (which contain calendar events).


A type of artifact that users can create, edit, delete, share, collaborate on, provide links to, and version. Typically, content refers to documents and images (graphic files) although it can also include e-mail messages, meeting notes, spreadsheets, project plans, reports, transcripts from online chats, and so forth.

demilitarized zone (DMZ)

A computer host or small network that an enterprise inserts as a neutral zone between its internal, private network and the Internet. A DMZ prevents unauthorized users from accessing systems that contain confidential or proprietary data. In effect, DMZs act as proxy servers and provide another layer of network security, especially when used with firewalls.


A user who has been granted the necessary privileges to act on behalf of another user.


The act or process of granting a user the necessary privileges to act of behalf of another user.


The collection of all the groups, users, and their associated contact information within an Oracle Beehive deployment. Users can access the directory for their deployment to look up basic contact information about other users. See also: personal address book.


A threaded, post-based conversation about a particular topic or subject, and that is typically moderated by a user with the appropriate privileges.

distribution list

A contact list whose members are interested in receiving information about a specific topic. Users can subscribe to and unsubscribe from distribution lists, or they can be added and removed by administrators.


The top-level container for all entities in an Oracle Beehive deployment, which can include any number of organizations, users, and workspaces. In Oracle Beehive Release 1, each Oracle Beehive deployment can have only one enterprise. See also: organization, workspace.


An object in Oracle Beehive, such as a service, user, workspace, or artifact. In essence, every object in Oracle Beehive is an entity.


An occurrence in Oracle Beehive that is the result of a user or system-based action. Examples include when an administrator provisions a new user, a user saves changes to a document, or an allotted disk space quota is reached. Events can trigger rules, policies, workflows, and other events. All events can be logged. See also: business event, object event.

external contact

A person who does not have a user account in Oracle Beehive but who is related to, regularly contacted by, or who potentially collaborates with one or more Oracle Beehive users. Oracle Beehive users can add external contacts to their workspace address books and personal address books.

Global Address List (GAL)

The Microsoft Exchange Server equivalent of an Oracle Beehive directory.


A defined collection of users or resources (or some combination thereof) that are related based on a line of business, a project, a location, or another common association.

Lightweight Directory Access Protocol (LDAP)

An Internet protocol that applications use to look up contact information from a server, such as a central directory. LDAP servers index all the data in their entries. Filters can be used to select a specific person or group, and return the precise information that was requested. An example of an LDAP server is Oracle Internet Directory.


A gathering, whether in-person or online, where users collaborate about a particular subject or project. A meeting is defined by its subject matter, location, mode of communication, attendees, resources, and start and end times.


A server in a network deployment of Oracle Beehive. Oracle Beehive supports deployments with multiple nodes that exist in the same site.


A mechanism for informing the user of something that has happened in the system, possibly through an alert. Users subscribe to notifications to track changes such as changes to a document or to a meeting time and location. See also: alert, subscription.

object event

An event that is based on changes in Oracle Beehive entities, such as users, documents, and workspaces, and that affect low-level aspects of the system only, such as updating a row in a database table. An example of an object event is when a system administrator provisions a user and no other business logic applies, other than enabling the user to log in and use the system. See also business event.


A logical grouping of users, groups, workspaces, and resources at a level lower than the enterprise level. An enterprise can contain any number of organizations, and an organization can contain any number of sub-organizations and workspaces. Users can be provisioned at an organization level, and they can access entities and collaborate across organizational boundaries if system-based permissions are granted. Also, the system exposes many entities, such as the directory, across all organizations. See also: enterprise.

people list

A set of contacts that an Oracle Beehive user creates for communicating through instant messages. Users can organize their people lists by adding groups and hierarchies.

personal address book

An address book in a user's personal workspace. Personal address books can be shared with other users and workspaces, but can have only one owner.

personal workspace

A workspace for and owned by a single user, and that others cannot access and view unless the user specifically grants them permission. Personal workspaces can contain links to the content from the team workspaces to which a user belongs, but not vice versa. By default, every enterprise and extended-enterprise user in Oracle Beehive has a personal workspace, which is created during user account provisioning. All users can each have only one personal workspace. See also: team workspace, workspace.


A set of rules with associated actions used for restricting or modifying the default behavior of Oracle Beehive. Typically, policies are applied to events or collections of events. A policy dictates how Oracle Beehive should behave whenever an event occurs. Examples of policies include: a password policy dictating what rules must be followed when creating a password; an auditing policy dictating when auditing records should be written to the audit repository. A policy can also trigger an approval process requiring an action through a workflow. See also: event, workflow.


The ability to manually configure or automatically detect the current and future status of a user or resource, and then display that information to other users.


User-provided credentials, such a user name and password, that enable the system to authenticate the user.


System-defined levels of access to various functions within Oracle Beehive. Some privileges grant user-level access to services such as e-mail, instant messaging, and time management. Other privileges grant administrator-level access, such as access to auditing functions, user administration, and roles management. By default, all users (all members of the ALL_USERS default group) are granted a set of privileges providing user-level access to all Oracle Beehive services.


The amount of available storage space, whether actual (physical) or virtual, allocated for a particular entity such as a workspace.


An entity that users can search for, reserve, and use for a specified period of time, such as a conference room or a projector. In Oracle Beehive, users search for and reserve resources through the features provided by the Time Management Service.


Predefined permission sets that can be assigned to users and groups within team workspaces, and that determine what workspace features and content assignees can or cannot access. Users can be assigned more than one role for each team workspace. Typically, workspace coordinators are responsible for creating and assigning roles. See also: privilege.


An organizational level, used for collecting users and managing access. Oracle Beehive supports the following scope types: enterprise, organization, and workspace.


A named access control list (ACL) defined and applied to entities by administrators and users. Sensitivities solve the usability problem of having too fine-grained control or not enough control. Common sensitivities include private, confidential, normal, and public. A sensitivity can be applied to multiple entities simultaneously, enabling users to group multiple entities into the same access control category. Oracle Beehive allows administrators and users to define and apply any number of sensitivities, although Oracle Beehive Integration for Outlook (OBIO) users can only apply existing sensitivities defined by users provisioned in Oracle Beehive.


A discrete implementation of specific functionality that users and other services can leverage to accomplish a task. The capabilities and interactions of services enable the full scope of functionality that Oracle Beehive provides.


A collection of hardware in a specific geographic location and on which Oracle Beehive runs.


A special type of policy that allows a user to be informed, through a notification message, whenever a particular event takes place. Oracle Beehive administrators can expose to users various events to which they can subscribe, allowing users to select subscriptions themselves from a client of choice, and manage how they want the system to deliver notifications. For example, a user could subscribe to a folder within a public workspace to receive a notification whenever files within that folder change. See also: notification, policy.

system administrator

An Oracle Beehive user with full system access and privileges, and who is responsible for the deployment, configuration, and maintenance of the Oracle Beehive software as well as the computers and networks on which it resides. System administrators troubleshoot hardware and configuration problems, apply software patches, perform upgrades, monitor system performance, and ensure the smooth operation of the Oracle Beehive deployment. See also: administrator and workspace administrator.


A mechanism for classifying and organizing artifacts, typically according to business usage. For example, Request for Proposal (RFP) or Monthly Sales Report can be tags for documents. Tags can be hierarchical with parent-child-sibling relationships and any number of tags can be applied to an artifact. Tags can also contain properties, such that when a user applies a tag to an artifact, the artifact inherits the properties of the tag.

team workspace

A workspace that supports the content and collaborative activities of a particular workgroup, and that can be accessed and viewed by its members. Users can belong to and view more than one team workspace at a time. An example of a team workspace could be a sales workspace for a specific sales account. See also: personal workspace, workspace.

text conference

An online meeting between Oracle Beehive users in which instant messaging features, such as a chat room and text messages, are used.

time management

All of the various functions involving calendars and schedules, including scheduling meetings, assigning tasks, and applying time zones. Oracle Beehive provides its time management features through the Time Management Service.

Web conference

An online meeting between Oracle Beehive users over the Web in which one or more conferencing channels are used such as video, voice, text, or desktop sharing.

whiteboard (verb)

The process of presenting a dedicated window to other Web conference participants for the purposes of drawing or highlighting. Whiteboarding includes the ability to take a screenshot of a computer's desktop to highlight specific areas.


A series of approvals or actions that must be taken to complete a blocking event. Oracle Beehive is integrated with Oracle BPEL, triggering workflows based on internal system events. An event is tied to a Business Processing Execution Language (BPEL) workflow through the use of policies. See also: event, policy.


A named entity that defines a place and context for collaboration as well as for storing the artifacts related to the collaborative activities of an individual or a team. Typically, a workspace has two or more members and is created for collaboration on a project or an activity, such as a workspace created by a sales team for a specific account. Oracle Beehive exposes its collaborative services to users through workspaces. Users access and collaborate in workspaces through supported Oracle Beehive clients. See also: personal workspace, team workspace.

workspace administrator

A user who has administrator-level privileges for a workspace, which are typically granted through a role such as a Workspace Coordinator. Some users can have broader workspace administration privileges, such as the ability to create team workspaces at the organization or enterprise level.