For information on using APOS solutions to help you bolster and manage
security, visit our more recent series of security posts.
By Rick Epstein
As I mentioned in my previous post, access levels are applied to users and groups. By contrast, there are three SAP BusinessObjects security
settings that apply at the granular
rights level.
By Rick Epstein
- No Access: This acts to not allow the right but can be overridden by an explicit grant or an explicit denial
- Explicit Denial: Does not allow the right on an object and cannot be overridden
- Explicit Grant: Allows the right on the object and can be overridden
There is another setting that is available
for each right that is assigned: the Apply
on This Object or All Sub-Objects setting. By default, a right assignment
is applied to all sub-objects. Sub-objects can be sub folders or reports,
categories, universes, or connections under the folder on which a right is
applied. Assigning the right only to this object (not sub-objects) will prevent
the right from cascading/inheriting down.
Okay, those are the basic elements of the Security Knowledge Framework.
What's next? In upcoming posts, I'll be discussing some common security mistakes. Hint: Everyone Group, Top Level Folder rights, CMC Rights, Explicit Denials, Broken Inheritance.)
Okay, those are the basic elements of the Security Knowledge Framework.
What's next? In upcoming posts, I'll be discussing some common security mistakes. Hint: Everyone Group, Top Level Folder rights, CMC Rights, Explicit Denials, Broken Inheritance.)
No comments:
Post a Comment