The Access Control category enables you to control how Oracle Beehive grants or denies users the ability to perform various actions, such as to view, modify, or delete entities.

Refer to the section "Authorization and Access Control in Oracle Beehive" in the module "Oracle Beehive Security Concepts" in Oracle Beehive Concepts for more information about access control.

A role is a predefined sets of privileges, or role definitions, that may be assigned to users and groups within team workspaces. Roles determine what privileges assignees may possess, such as the workspace features and content that users can or cannot access. A delegatable role is a role that has the DELEGATE privilege. Refer to the module "Managing Oracle Beehive Access Control" in Oracle Beehive Administrator's Guide for more information.

A privilege is a system-defined level of access to various functions within Oracle Beehive. For example, some privileges grant users access to services such as e-mail, instant messaging, and time management.

A sensitivity is a named access control list (ACL), which is defined and applied to entities by administrators and users.

An access control list is a list of one or more access control entries (ACEs) that applies to a specific object in Oracle Beehive and that defines who can access the object and with what privileges

An access control entry contains three values: the entity, which specifies the object to which the ACE applies; the accessor, which specifies for whom this ACE applies (such as a user or members of a specified group); and a string defining access types (read, write, discover, execute, and delete).