HCM Security in Oracle Cloud
Security Overview -
Oracle's approach to security in the cloud consists of the following aspects:
Role-Based Access Control (RBAC)
Data and Function Security
Privacy, Role Provisioning
Segregation of Duties
Oracle's security documentation sums it up in a simple, easy-to-understand statement, “WHO can do WHAT on WHICH set of data”, to drive home the Role-Based Access Control (RBAC) concept.
The gang of three Ws - WHO, WHAT and WHICH - are the key players in HCM security in the cloud. From a security point of view this statement can be deconstructed on two levels -
Function security - Who Can Do What
Data Security - Who Can Do What on Which Data
Role-Based Security Model (RBAC) -
The RBAC security model limits access to functions and data based on a user's roles in the organisation. Access to application resources is granted through the ROLES assigned to users, never to the users directly. So the security model encompasses management of -
Roles
Application Users
Role provisioning to application users.
Types of Roles -
Oracle HCM Cloud defines five types of roles –
Abstract Role - A generic role that does not represent the specific job the worker is hired for in the organisation. The three abstract roles delivered in Oracle Fusion HCM are Employee, Line Manager, and Contingent Worker. Custom abstract roles can be created, and abstract roles are assigned directly to users. Every worker has at least one abstract role.
Job Role – The job role represents the specific job a worker is hired for. Typically, a job role also needs a data role to be included and assigned to users. Custom job roles can be created. Examples of predefined job roles in HCM are Human Resource Analyst and Payroll Manager.
Data Role - A data role combines a worker's job with the data that users in that job must access. E.g. the HCM data role Country Human Resource Specialist combines a job (Human Resource Specialist) with a data scope (country). All HCM data roles are assigned directly to users, and the data scope is defined in one or more HCM security profiles.
Duty Role - Represents the duties a worker performs as part of their job. A duty role grants the worker the privilege to perform actions on functions and data. Custom duty roles can be created; duty roles are not assigned directly to users.
Aggregate Privilege - A predefined, non-editable type of role. It combines a functional privilege for a specific task or duty with the relevant data security policies. The functional privilege provides access to specific task flows, application pages, work areas, reports and so on. Aggregate privileges cannot be created or assigned directly to users.
Finally, to summarise: almost every role within HCM is a hierarchy, a collection of other roles.
Duty roles are Application roles, while Abstract, Job and Data roles are Enterprise roles and can be shared enterprise-wide.
Job and abstract roles inherit duty roles, and duty roles can inherit other duty roles.
Job, abstract and duty roles can be assigned aggregate privileges directly.
Users can have any number of roles and are not required to select a particular role to perform a task or to log in.
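As an added illustration (not Oracle's code), the following Python model encodes the role types and inheritance rules listed above and answers the WHO/WHAT/WHICH question for a user: function security is resolved by walking the role hierarchy, and data security by the security profile a data role attaches to the job it wraps. The privilege, duty role and security profile names are constructed sample values.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass(frozen=True)
class AggregatePrivilege:
    """Predefined and not editable: one function privilege tied to a data security policy."""
    function: str      # the WHAT, e.g. "Manage Person" (constructed sample value)
    data_policy: str   # the data security policy bundled with the function privilege

@dataclass
class Role:
    name: str
    kind: str                                        # abstract | job | duty | data
    inherits: list = field(default_factory=list)     # roles this role inherits
    privileges: list = field(default_factory=list)   # aggregate privileges granted directly
    security_profile: Optional[str] = None           # data roles only: the WHICH

# Inheritance rules stated in the text: job/abstract -> duty, duty -> duty, data -> job.
ALLOWED_CHILDREN = {"duty": {"duty"}, "job": {"duty"}, "abstract": {"duty"}, "data": {"job"}}
ASSIGNABLE = {"abstract", "job", "data"}   # duty roles and privileges never go to users directly

def validate(role):
    for child in role.inherits:
        if child.kind not in ALLOWED_CHILDREN[role.kind]:
            raise ValueError(f"{role.kind} role {role.name!r} cannot inherit {child.kind} role {child.name!r}")
        validate(child)

def grants(role, profile=None):
    """Flatten a role hierarchy into (function, data_policy, security_profile) triples."""
    validate(role)
    profile = role.security_profile or profile   # a data role fixes the scope for the job it wraps
    out = {(p.function, p.data_policy, profile) for p in role.privileges}
    for child in role.inherits:
        out |= grants(child, profile)
    return out

def assign(user, role):
    if role.kind not in ASSIGNABLE:
        raise ValueError(f"{role.kind} role {role.name!r} cannot be assigned directly to a user")
    user.setdefault("roles", []).append(role)

def can(user, function, profile=None):
    """WHO can do WHAT on WHICH: function security first, then data security when a profile is asked for."""
    access = set().union(*(grants(r) for r in user.get("roles", [])))
    return any(f == function and (profile is None or p == profile) for f, _, p in access)

# Constructed sample hierarchy: a country data role wrapping the Human Resource Specialist job.
manage_person = AggregatePrivilege("Manage Person", "persons in assigned person security profile")
view_payslip = AggregatePrivilege("View Payslip", "own records")
person_mgmt = Role("Person Management Duty", "duty", privileges=[manage_person])
hr_specialist = Role("Human Resource Specialist", "job", inherits=[person_mgmt])
uk_hr = Role("UK Human Resource Specialist", "data", inherits=[hr_specialist], security_profile="UK Persons")
employee = Role("Employee", "abstract", privileges=[view_payslip])
```

A user holding only the job role passes the function check but fails any profile-scoped check, which is why the text says a job role typically needs a data role alongside it.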