Application Security Features

Oracle LSH and Oracle DMW include security features that allow you to control user access to user interface pages, study data, and objects and operations.

Note:

For more information on security features, see "User Security Features" and "Designing a Security System" in the Oracle Life Sciences Data Hub Implementation Guide.

The following topics provide information to securely configure user security in the Oracle LSH and Oracle DMW applications:

• Roles, Rights, and User Groups
  
• Data Blinding and Masking
  
• Object Security
  
• Auditing and Monitoring
  

Roles, Rights, and User Groups

Users are allowed to perform an operation on an object or output when they:

• belong to a user group that is assigned to the object or output either explicitly or by inheritance

• and are assigned to a role within that user group that allows the operation on the object.

You must define user groups and assign users to roles within the groups. In Oracle DMW, predefined roles are available for use with both Oracle DMW and Oracle LSH. You can edit the predefined roles as necessary.

Users must also have an application role that allows them to access particular pages in the user interface.

See the Oracle Life Sciences Data Hub System Administrator's Guide and the Oracle Health Sciences Data Management Workbench User's Guide.

Data Blinding and Masking

Oracle LSH and Oracle DMW provide data blinding functionality. To see blinded data, a user must have the following privileges:

• Normal access to the table: belonging to a user group that has access to the table, with a role in the context of that user group that allows Read privileges on the data.

• An application role that allows access to blinded data across all studies and tables.

In Oracle LSH, blinding is at the table level only. Blinded tables are partitioned, with the real data in one partition and dummy data in the other. Only users with special privileges can view any real data in the table at all.

In Oracle DMW you can mark data as blinded at the table, column, row, or cell level and specify masking values for the sensitive data. Only users with special privileges can view any real data, but all users with normal Read privileges and user group access to the table can see the real, nonblinded data and the masking values for the sensitive data.

In both products, each time a user with special privileges requests to view real, blinded data, the system audits the event.

When data is blinded, it is hidden in the Oracle LSH and Oracle DMW user interfaces and databases, discrepancy records, and in export or job outputs unless a user with the required blinding application role and normal access to the table(s) explicitly requests to view the real data.

If your study contains Personal/Protected Health Information (PHI), Oracle recommends that you blind all PHI.

Object Security

Each time a user tries to perform an operation on a defined object, the system runs a check that compares the security privileges of the user with the security requirements of the object.

A user can operate on an object only if both these conditions are met:

• The user belongs to an active user group that is assigned to that object, either explicitly or through inheritance.

• The user has a role in that user group that permits the operation on the object's subtype.

In addition, Oracle DMW includes predefined roles that are available for use with Oracle LSH to control user access to specific objects and operations for those objects.

For more information, see "Setting Up Object Security" in the Oracle Life Sciences Data Hub System Administrator's Guide.

Auditing and Monitoring

This section contains the following topics:

• Data Auditing
  
• Oracle DMW Discrepancy Auditing
  

Data Auditing

In Oracle LSH, you can select a data processing type that provides an audit trail of changes made to the data. With Oracle LSH audited data, you can recreate the state of data in the table at any previous point in time using data snapshots. The audit trail never deletes data. But, it records each change to each record over time, including data deletions.

Oracle DMW maintains a full audit trail for all changes made to data. You can display the most recent Oracle DMW data in the Oracle DMW application. Data from the audit trial is visible in Oracle LSH.

Oracle DMW Discrepancy Auditing

Oracle DMW maintains a full audit trail for all changes made to data discrepancies either manually or programmatically. The audit trail records the user name, data changed, and timestamp of the change. The audit trail is read-only and cannot be modified by any user.