Page 1
7/21/2019 Secuity Oracle Application Module Security With R12 _ OracleApps Epicenter
http://slidepdf.com/reader/full/secuity-oracle-application-module-security-with-r12-oracleapps-epicenter 1/10
uity : Oracle Application Module Security with R12 | OracleApps Epicenter
:///D|/...en%20attente/Secuity%20%20%20Oracle%20Application%20Module%20Security%20with%20R12%20_%20OracleApps%20Epicenter.htm[04/01/2016 10:06:26]
Powered Search
Get Updates!
Subscribe to theOracleAppsHub to
receive notifications
when there are new
posts:
Categories
11i
Advance Collection
AOL
API Integration
Basic Accounting
Beginner
Beyond Apps
Blogroll
Cash Management
Centrestage
Conversion
Depot Repair
EBS Suite
EDI
Emerging
Technologies
Finance
Functional
Fusion
Fusion Application
General Interest
HRMS
HyperionImplementations
Integration
InterCompany
JumpStart
Feature Topic
Grab Free Copy
Search
Powered Search
Recent Posts
Oracle Advanced
Procurement
What is
Oracle/Hyperion
Financial Data
Quality Management(FDM)?
What is
Oracle/Hyperion
Financial Data
Quality Management
(FDM)?
Oracle Cloud
Oracle Mobile
iProcurement for
Oracle E-Business
Suite
Blogroll
David Haimes
Floyd Teter
Steven Chan
OracleApps EpicenterOdyssey of an OracleApps Consultant
Home About The Epicenter Resources SEARCH Contact
Secuity : Oracle Application ModuleSecurity with R12
Posted on August 28th, 2011 by Sanjit Anand | Print This Post |
Email This Post
Have you tried OracleappsHub in
ipad/iphone/smart Phone? Don't wait. try it
today
This post is more on revisiting EBS Application Module Security.
1. HRMS Security
In HRMS there are two major Securities concept
Standard
Security Groups Enabled
Standard HRMS Security is a simple security used within
a single legislation and a single business group. In this
model, typically a Security Profile is created for each
distinct group of employees and it is assigned to a
responsibility.Its very simple.
For enabling Standard HRMS Security, Security Profile
screen (US Super HRMS Manager -> Security -> Profile)
can be used to create a Security Profile.
In Security Groups Enabled Security a single
responsibility can be assigned to more than one business
group and so users can access records from multiple
business groups. In this model, multiple security profiles
can be assigned to a single responsibility.
Typical example you can understand in this way : an HR
Manager and Assistant HR Manager can use the sameresponsibility, but will be able to view different data.
For Security Groups Enabled Security, use Global Security
Profiles window.
2. Multi Organization Access Control (MOAC)
This means Role based access to Operating Units.
Single installation of EBS can support different types of
organizations and this feature is ability to access multiple
organizations from a single responsibility, which is avaiable
in majority of Oracle application modules.
Typical example of MOAC may be similar to senario listed
here:
Enter your email address
sign up Search
Page 4
7/21/2019 Secuity Oracle Application Module Security With R12 _ OracleApps Epicenter
http://slidepdf.com/reader/full/secuity-oracle-application-module-security-with-r12-oracleapps-epicenter 4/10
uity : Oracle Application Module Security with R12 | OracleApps Epicenter
:///D|/...en%20attente/Secuity%20%20%20Oracle%20Application%20Module%20Security%20with%20R12%20_%20OracleApps%20Epicenter.htm[04/01/2016 10:06:26]
November 2008
October 2008
September 2008
August 2008July 2008
June 2008
May 2008
April 2008
March 2008
February 2008
January 2008
December 2007
November 2007
October 2007
September 2007
August 2007July 2007
June 2007
May 2007
April 2007
March 2007
February 2007
January 2007
December 2006
October 2006
August 2006
Links
Metalink
Oracle
Oracle Integration
Repository
Disclaimer
Disclaimer
Meta:
RSS
Comments RSS
Valid XHTML
eMail
Assign organization (Operating Units, Ledger Entities andBusiness Groups) and bank account use to a Role.
Navigation: User Management ( R) -> Roles & Role
Inheritance -> Security Wizards -> CE UMX Security
wizard.
Bank Account Access security rule is composed of 2 parts :
1. Bank Account Access Setup => Bank Account
Access setup defines organizations that can use
existing bank account
2. Cash Management Security Profiles => Cash
Management Security Profiles provide a list of
organizations where an user has access to.
4. Purchasing Security
Purchasing documents can have 4 levels of security:
Public: Any user may access these documents.
Private: Only the document owner and subsequent
approvers can access the document.
Purchasing: Document owner, subsequent
approvers and users listed as buyers can access.
Hierarchy: Document owner, team members,
approvers and others in the security hierarchy
higher than document owner.
Page 5
7/21/2019 Secuity Oracle Application Module Security With R12 _ OracleApps Epicenter
http://slidepdf.com/reader/full/secuity-oracle-application-module-security-with-r12-oracleapps-epicenter 5/10
uity : Oracle Application Module Security with R12 | OracleApps Epicenter
:///D|/...en%20attente/Secuity%20%20%20Oracle%20Application%20Module%20Security%20with%20R12%20_%20OracleApps%20Epicenter.htm[04/01/2016 10:06:26]
Ad
5.iSupplier Security
If you have created custom responsibilities that will be
assigned to supplier users,securing attributes must be
included in your custom responsibility definition.
There are three securing attributes that can be used to
control access. These attributes are all seeded with the
pre-defined Oracle iSupplier Portal responsibilities that are
released with the product:
ICX_SUPPLIER_ORG_ID - Identifier for the supplier.
ICX_SUPPLIER_SITE_ID - Identifier for the supplier
site.
ICX_SUPPLIER_CONTACT_ID - Identifier for the
supplier contact
You can enable them from Navigation: System
Administrator ( R) -> Security -> Responsibility -> Define.
6.Flexfield Security Rules
Page 6
7/21/2019 Secuity Oracle Application Module Security With R12 _ OracleApps Epicenter
http://slidepdf.com/reader/full/secuity-oracle-application-module-security-with-r12-oracleapps-epicenter 6/10
uity : Oracle Application Module Security with R12 | OracleApps Epicenter
:///D|/...en%20attente/Secuity%20%20%20Oracle%20Application%20Module%20Security%20with%20R12%20_%20OracleApps%20Epicenter.htm[04/01/2016 10:06:26]
Flexfield Value Security gives you the capability to restrict
the set of values a user can use during data entry. With
easy-to-define security rules and responsibility level
control, you can quickly set up data entry security on your
flexfield segments and report parameters.
Flexfield Value Security lets you determine who can use
flexfield segment values and report parameter values.
Based on your responsibility and access rules that you
define, Flexfield Value Security limits what values you can
enter in flexfield pop-up windows and report parameters.
Security rules for the Accounting Flexfield also restrict
query access to segment values in the Account Inquiry,
Funds Available, and Summary Account Inquiry windows.
In these windows, you cannot query up any combination
that contains a secure value. However in all other forms,
you will be able to query up a value even if it is restricted
to the user.
In order to use, you just need to define Security Rules
window to define value security rules for ranges of flexfield
and report parameter values.
Navigation: Application -> Validation -> Security ->
Define.
Use Assign Security Rules window to assign the flexfield
security rules to an application responsibility.
Navigation: Application -> Validation -> Security ->
Assign.
7.Fixed Assets Security
You can manage your Asset Book Security, as mention in
one of previous post.This Functionality you can understood
as:
Secure access to each depreciation book / Ledger
Create a flexible hierarchy of asset organizations
Associate a responsibility with one or more
depreciation books
Asset Book Security allows multiple asset books/registers
to be manage/administered independently
Fixed Assets responsibility can be secured by linking aFixed Asset Book / Ledger, by executing the following
steps:
Link an Asset organization to the Fixed Asset Set of
Book/Ledger.
Establish an Organization hierarchy for the asset
organization.
Navigation: Fixed Assets Manager ( R) -> Setup ->
Security -> Organization -> Description -> Query
Asset Organization -> Select ‘Asset
Organization’ -> Click ‘Others’ -> Assign FA Book.
8. Oracle Projects Security
Oracle Projects provides several integrated security
mechanisms to help you define user access to
organization, project, and resource information, as well as
Page 7
7/21/2019 Secuity Oracle Application Module Security With R12 _ OracleApps Epicenter
http://slidepdf.com/reader/full/secuity-oracle-application-module-security-with-r12-oracleapps-epicenter 7/10
uity : Oracle Application Module Security with R12 | OracleApps Epicenter
:///D|/...en%20attente/Secuity%20%20%20Oracle%20Application%20Module%20Security%20with%20R12%20_%20OracleApps%20Epicenter.htm[04/01/2016 10:06:26]
a variety of Oracle Projects functions. These mechanisms
are all based on function security, which is the foundation
of Oracle Applications security.
Using these integrated security mechanisms, you can
define Oracle Projects security at the following levels:
Responsibility level, across projects.
Project level, using project roles.
Organization level, using predefined organization
authority roles.
9. Inventory Organization Access
Inventory organizations can be assigned to responsibilities
with inventory screens, thereby restricting the access to
only those inventory organizations.
Navigation: Inventory ( R) -> Setup -> Organizations ->
Organization Access.
It is a very straight forward Form that you can assign
which Inventory Organization(s) available to a
responsibility. The Rule behind this Form is that once a
responsibility is used, the default is that this responsibility
does not allow to access all Inv. Org., unless you explicitly
assign it. The good side is that this setting is effective
immediately; no need to submit what-is-the-name-again
process, setup all-look-like-the-same profile options
10. Manufacturing Organization Access
Manufacturing organizations can be assigned to
responsibilities with manufacturing screens, thereby
restricting the access to only those organizations.
your Navigation is: Advanced Planning Administrator ( R) -
> Admin -> Organization Security.
11. Shipping Grants & Warehouse Access
Shipping roles can enable or disable access to individualfunctions within Shipping.
Navigation: Order Management ( R) -> Setup -> Shipping
-> Grants and Role Definitions -> Define Roles.
Page 8
7/21/2019 Secuity Oracle Application Module Security With R12 _ OracleApps Epicenter
http://slidepdf.com/reader/full/secuity-oracle-application-module-security-with-r12-oracleapps-epicenter 8/10
uity : Oracle Application Module Security with R12 | OracleApps Epicenter
:///D|/...en%20attente/Secuity%20%20%20Oracle%20Application%20Module%20Security%20with%20R12%20_%20OracleApps%20Epicenter.htm[04/01/2016 10:06:26]
Then you can assocaite shipping roles then can be
assigned to individual users.
Navigation: Order Management ( R) -> Setup -> Shipping
-> Grants and Role Definitions -> Grants.
12. Order Holds
In Order Management, when further processing has to be
prevented on an order, a hold can be placed and released
later.
Navigation: Order Management ( R) -> Setup -> Orders -
> Holds.
13. Advance pricing
Pricing security enables you to restrict pricing activities
such as updating and viewing pricing entities to users who
are granted specific access privileges. Pricing entities
include price lists, pricing agreements, and modifiers.
Pricing security can be set up and maintained in the HTML
Page 9
7/21/2019 Secuity Oracle Application Module Security With R12 _ OracleApps Epicenter
http://slidepdf.com/reader/full/secuity-oracle-application-module-security-with-r12-oracleapps-epicenter 9/10
uity : Oracle Application Module Security with R12 | OracleApps Epicenter
:///D|/...en%20attente/Secuity%20%20%20Oracle%20Application%20Module%20Security%20with%20R12%20_%20OracleApps%20Epicenter.htm[04/01/2016 10:06:26]
user interface by a user who is assigned the Oracle Pricing
Administrator responsibility. The Oracle Pricing
Administrator has the authorization to access and update
all pricing entities for all functional users.
With pricing security, you can implement a higher level of
control by:
Assigning pricing entities to operating units: A
pricing entity can be assigned ownership to a
specific operating unit. You can restrict usage to one
operating unit or by all operating units.
Assigning privileges that control which grantee
(Global, Operating Unit, Responsibility, or User
level) can view or maintain the specified entity: You
can use security privileges to control user's access
to pricing entities in the following ways:
Grant view-only or maintain access privileges
to functional users at the Global, Operating
Unit, Responsibility, or User level.
Assign or reassign Operating Unit ownership
to price lists and modifiers and control which
operating units can use them for pricing
transactions.
Create entity sets (a set consists of grouped
pricing entities) and assign access privileges
to the entire set. The Entity Set function is
available only with license to Advanced
Pricing.
Setting default rules for security access for new
pricing entities.
Take a Note , before turning on pricing security, you must
create privileges for existing pricing entities.
Navigate (N) Oracle Pricing Administrator Setup -->
Security --> Privileges
Hope this post will surly help you in address some of
security and audit need for Clients/Customer.
Suggested Reading
Understanding Security in : Oracle Financials and
Manufacturing
