Glossary


A | D | E | F | J | L | R | S | W

A

abstract role
A description of a person's function in the enterprise that's unrelated to the person's job (position), such as employee, contingent worker, or line manager.
action
The kind of access, such as view or edit, named in a security policy.
aggregate privilege
A predefined role that combines one function security privilege with related data security policies.
assignment
A set of information, including job, position, pay, compensation, managers, working hours, and work location, that defines a worker's or nonworker's role in a legal employer.

D

data security
The control of access and action a user can take against which data.
duty role
A group of function and data privileges representing one duty of a job. Duty roles are specific to applications, stored in the policy store, and shared within an application instance.

E

enterprise
An organization having common control over one or more legal entities.

F

function security
The control of access to a page or a specific use of a page. Function security controls what a user can do.

J

job
A generic role that's independent of any single department or location. For example, the jobs Manager and Consultant can occur in many departments.
job role
A role, such as an accounts payable manager or application implementation consultant, that usually identifies and aggregates the duties or responsibilities that make up the job.

L

LDAP
Abbreviation for Lightweight Directory Access Protocol.

R

resource role
The role the user plays in the sales organization. The resource role appears as the person's title in the Resource Directory.
role
Controls access to application functions and data.
role mapping
A relationship between one or more roles and one or more assignment conditions. Users with at least one assignment that matches the conditions qualify for the associated roles.
role provisioning
The automatic or manual allocation of a role to a user.

S

security reference implementation
Predefined function and data security that includes role based access control, and policies that protect functions, and data. The reference implementation supports identity management, access provisioning, and security enforcement across the tools, data transformations, access methods, and the information life cycle of an enterprise.
setup user
A user provisioned with the job roles and abstract roles required to perform implementation tasks.

W

work area
A set of pages containing the tasks, searches, and other content you need to accomplish a business goal.
work relationship
An association between a person and a legal employer, where the worker type determines whether the relationship is a nonworker, contingent worker, or employee work relationship.
workflow
An automated process that passes a task from one user (or group of users) to another to view or act on. The task is routed in a logical sequence to achieve an end result.