Note: You must have the OLAP_XS_ADMIN privilege to manage data security policies in Analytic Workspace Manager.
Data security policies provide security at the most granular level. You can grant access to a slice of data in a cube. For example, you might enable district sales managers to view the data for their own districts, but not the districts of other managers.
When you apply a data security policy to a particular dimension, the policy controls access to all cubes with that dimension. When you apply a data security policy to a cube, then the policy controls just that cube. You can apply a policy to one or more users, roles, and data security roles. Data security policies are implemented using the XML DB security of Oracle Database.
To create a data security policy:
Expand the folder for a dimension or a cube.
Right-click Data Security and choose Create Data Security Policy.
The Create Data Security Policy dialog box is displayed.
On the General tab, type a descriptive name in the Data Security Policy Name field.
Click Add.
The Add Users or Roles dialog box is displayed.
Select the users, roles and OLAP data security roles that you want to grant permissions to access data across this dimension. Then click OK to close this dialog box.
The selected users and roles are now listed in the table on the General tab.
Select the permissions you want to grant to each user or role. You cannot assign permissions to the OLAP data security roles because the permissions are part of their definitions.
On the Member Selection tab, choose the dimension members that you want the selected users and roles to access.
Click OK to save the data security policy.
The new data security policy appears in the navigation tree in the Data Security folder for the dimension or cube.
Copyright © 2003, 2007 Oracle. All rights reserved.