About Security Design in the Oracle Life Sciences Data Hub
The Oracle Life Sciences Data Hub (Oracle LSH) security system determines which users can perform which operations on which defined objects (such as Programs and Tables) and outputs (such as reports). Users are allowed to perform an operation on an object or output when they:
- belong to a user group that is assigned to the object or output either explicitly or by inheritance
- and are assigned to a role within that user group that allows the operation on the object
You must design and set up a security system before you can use Oracle LSH.
To create an Oracle LSH security system you must do the following:
To complete the security system you must create a user account for each person who will use Oracle LSH and assign at least one user to be the group administrator for each user group. The group administrator then assigns users to roles within the group. Each group administrator must then add users to his or her group and assign users to roles within the group.
You can add organizational containers, object subtypes, roles, and user groups, as well as users, over time as necessary.
Note:
In this chapter the word "object" is used to apply to object definitions and object instances. Users get security access and privileges on both definitions and instances in the same way. However, you can define different security requirements for each because they are distinct object types. For example, you can give a Definer privileges on Program definitions as well as instances, and give a Consumer access to Program instances only.Parent topic: Designing a Security System