Oracle Application Access Controls Governor. Release Notes Release 8.0.1

Similar documents
Primavera Portfolio Management Reporting Views for SQL Server databases

Oracle Information Rights Management Oracle IRM Windows Authentication Extension Guide 10gR3 August 2008


GRCC Reporting Framework BIP for GRCC Admin/Implementation Guide

Copyright 1998, 2009, Oracle and/or its affiliates. All rights reserved.

Oracle Enterprise Single Sign-on Kiosk Manager

Governance, Risk, and Compliance Controls Suite. Hardware and Sizing Recommendations. Software Version 7.2

Adaptive Risk Manager Challenge Question Cleanup 10g ( ) December 2007

OIPA System Requirements. Oracle Insurance Policy Administration - Life Release 8.1 E May 2009

Oracle Information Rights Management Sealed for Lotus Notes Extension 10gR3 PR3 May 2008

USING ADMINISTRATOR FEATURES

Governance, Risk, and Compliance Controls Suite. Release Notes. Software Version

Oracle Enterprise Manager

Oracle Enterprise Single Sign-on Kiosk Manager. User Guide Release E

Oracle Alert Documentation Updates

System Monitoring Plug-in Installation Guide for Microsoft Internet Information Services Release 4 ( ) Versions Supported

Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.

PDF Quick Reference. Oracle Health Sciences InForm CRF Submit Release Part Number: E

New Features in Primavera Professional 15.2

Oracle Enterprise Manager

AutoVue Integration SDK. Security and Authentication Guide

PEOPLESOFT FINANCIALS/SUPPLY CHAIN MANAGEMENT 9 MAINTENANCE PACK 13 DELTA

IVS Explorer User s Guide. Oracle Insurance Policy Administration - Life Release 8.1 E May 2009

Primavera Portfolio Management 9.1 Bridge for Microsoft Office Project Server 2007 Users Guide

Oracle Retail Category Management Release Notes Release April 2007

AutoVue Document Print Service. Overview

JD Edwards EnterpriseOne 8.12 Standalone Client Installation Guide. for the Oracle Application Server

Siebel Application Deployment Manager Guide. Version 8.0, Rev. A April 2007

Reporting User Guide. Prodika Product Lifecycle Management. Release 5.1

Primavera Portfolio Management 9.1 Bridge for Primavera P6 Users Guide

Oracle Enterprise Manager. Description. Platforms Supported. Versions Supported

Oracle Enterprise Manager. Description. Versions Supported. Prerequisites

Oracle Application Access Controls Governor. User Guide Release 8.5

Oracle Enterprise Single Sign-on Logon Manager How-To: Configuring ESSO-LM Event Logging with Microsoft SQL Server 2005 Release

Adaptive Strong Authenticator Configuration Guide 10g ( ) December 2007

Oracle Insurance QuickView Service Ordering User Guide. Version 8.0

Copyright

Secure Configuration Guide

Oracle is a registered trademark, and Oracle Rdb, Oracle RMU and Oracle SQL/Services are trademark or registered trademarks of Oracle Corporation.

Copyright

BAA Oracle EBS R12.1 isupplier Portal Created on 11/26/2012 3:18:00 PM


JavaFX. JavaFX System Requirements Release E

equestionnaire User Guide

Getting Started with Attunity Replicate on Amazon EC2. Version 6.0

Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.

Oracle Enterprise Manager. Description. Versions Supported. System Monitoring Plug-in Installation Guide for EMC CLARiiON System Release 5 (

Oracle Enterprise Manager. Description. Versions Supported. Prerequisites

2 Records Manager Updates

Technical Enhancements

Defining Constants and Variables for Oracle Java CAPS Environments

Copyright

Oracle Tuxedo Mainframe Adapter for SNA

Oracle Database. Products Available on the Oracle Database Examples Media. Oracle Database Examples. Examples Installation Guide 11g Release 1 (11.

Oracle Retail Demand Forecasting Installation Guide Release 12.0 May 2006

Release Notes. Oracle Insurance Policy Administration Release 8.1 E May 2009

New Features in Primavera P6 16.2

Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.

Copyright

Adaptive Risk Manager Offline PoC Guide 10g ( ) December 2007

Oracle Hospitality OPERA Exchange Interface Cloud Authentication. October 2017

Oracle Governance, Risk and Compliance. Release Notes Release Part No. E

JavaFX. JavaFX System Requirements Release E

Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.

Oracle Enterprise Manager

Oracle Workflow Builder for Windows 2000 or Windows XP. Oracle XML Gateway Message Designer for Windows 2000

Customer Service Training Activities Created on 10/10/2011 3:33:00 PM. FSU Service Center. Quick Reference Guide v.

Oracle Enterprise Single Sign-on Provisioning Gateway

Synchronous SAP Connector

Document Reference Library User Guide

Oracle Enterprise Single Sign-on Logon Manager. Installation and Setup Guide Release E

Oracle Endeca Commerce Compatibility Matrix

Security Guide Release 4.0

Material Stock Requests 9.1

Oracle VueLink for Documentum

Computer Aided Compliance Screening User Guide

Oracle Utilities Smart Grid Gateway Adapter for Echelon

Oracle Enterprise Manager Ops Center. Introduction. What You Will Need. Hardware and Software Configuration

PeopleSoft Fluid Icon Standards

Oracle Enterprise Single Sign-on Authentication Manager

ORACLE DATA INTEGRATOR ADAPTER FOR HYPERION FINANCIAL MANAGEMENT GETTING STARTED

1 Important Configuration Changes

Content Synchronization and Syndication User Guide

Product Collaboration User Guide

Oracle Governance, Risk and Compliance Controls. Deployment with WebLogic Release 8.6.0

Database Change Reference Release 6.3

Oracle Retail Allocation Operations Guide Addendum Release November 2006

Oracle Retail Replenishment Optimization Installation Guide Release April 2008

Oracle Retail WebTrack Release Notes Release September 2007

Oracle Standard Management Pack

Oracle Configuration Controls Governor. Integra Apps User Guide Release 5.1.3

1 Understanding the Cross Reference Facility

Oracle Retail Merchandising System Release Notes Release French August 2006

1 Review Information About this Guide

Oracle Enterprise Manager Ops Center. Introduction. What You Will Need

Oracle Access Manager

Payroll Training Guide LSUNO V9.1

Oracle Enterprise Manager Ops Center. Introduction. What You Will Need. Creating vservers 12c Release 1 ( )

Oracle Utilities Meter Data Management Integration to SAP for Meter Data Unification and Synchronization

Oracle Endeca Guided Search Compatibility Matrix

Transcription:

Oracle Application Access Controls Governor Release Notes Release 8.0.1 May 2008

Oracle Application Access Controls Governor Installation Guide Copyright 2007, 2008 Oracle Corporation and/or its affiliates. All rights reserved. Primary Author: David Christie The Programs (which include both the software and the documentation) contain proprietary information; they are provided under a license agreement containing restrictions on use and disclosure and are also protected by copyright, patent, and other intellectual and industrial property laws. Reverse engineering, disassembly, or decompilation of the Programs, except to the extent required to obtain interoperability with other independently created software or as specified by law, is prohibited. The information contained in this document is subject to change without notice. If you find any problems in the documentation, please report them to us in writing. This document is not warranted to be error-free. Except as may be expressly permitted in your license agreement for these Programs, no part of these Programs may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose. If the Programs are delivered to the United States Government or anyone licensing or using the Programs on behalf of the United States Government, the following notice is applicable. U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are commercial computer software or commercial technical data pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the Programs, including documentation and technical data, shall be subject to the licensing restrictions set forth in the applicable Oracle license agreement, and, to the extent applicable, the additional rights set forth in FAR 52.227-19, Commercial Computer Software Restricted Rights (June 1987). Oracle Corporation, 500 Oracle Parkway, Redwood City, CA 94065. The Programs are not intended for use in any nuclear, aviation, mass transit, medical or other inherently dangerous applications. It shall be the licensee s responsibility to take all appropriate fail-safe, backup, redundancy and other measures to ensure the safe use of such applications if the Programs are used for such purposes, and we disclaim liability for any damages caused by such use of the Programs. The Programs may provide links to Web sites and access to content, products, and services from third parties. Oracle is not responsible for the availability of, or any content provided on, third-party Web sites. You bear all risks associated with the use of such content. If you choose to purchase any products or services from a third party, the relationship is directly between you and the third party. Oracle is not responsible for: (a) the quality of third-party products or services; or (b) fulfilling any of the terms of the agreement with the third party, including delivery of products or services and warranty obligations related to purchased products or services. Oracle is not responsible for any loss or damage of any sort that you may incur from dealing with any third party. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.

Contents 1 Release Notes Access Policy Creation... 1-1 Conflict Analysis... 1-2 Administration... 1-3 Contents iii

iv Oracle Application Access Controls Governor

Release Notes Oracle Application Access Controls Governor implements access policies in Oracle E-Business Suite, PeopleSoft Enterprise, and other business-management applications. Each policy identifies access points to these applications that are considered to conflict with one another because, in combination, they would enable individual users to complete transactions that may expose a company to risk. Policies further designate policy types, which determine whether conflicts should be prevented, monitored, or made subject to approval by reviewers. Once conflicts are generated, analysts can assign status to individual conflict paths, each of which determines how a user s role (an access point directly assigned to a user, such as an Oracle responsibility) leads to a privilege (an access point actually included in an access policy). Version 8.0.1 of Application Access Controls Governor (AACG) introduces enhancements in the creation of access policies, the analysis of the conflicts they generate, and in administrative features. In addition to the features described below, version 8.0.1 introduces performance tuning for improved performance with large data sets. Access Policy Creation In version 8.0, a policy written to regulate access to Oracle E-Business Suite could include roles, responsibilities, menus, and functions as access points. In version 8.0.1, such an access policy may also include concurrent programs as access points. In version 8.0.1, the author of an access policy may designate an owner and any number of observers. By default, an owner is assigned to review all paths to conflicts generated by the policy he owns (although the paths may be reassigned to other users). An observer is a person who has some interest in the conflicts generated by a policy, although no default responsibility for resolving them. Both owner and observers may receive email messages when the policy generates conflicts. AACG users may create entitlements collections of access points and use them in access policies in place of, or in addition to, access points. When a user edits an entitlement, the policies configured to use that entitlement may be adversely affected. Version 8.0.1 introduces edit impact messaging an attempt to save an Release Notes 1-1

edited entitlement produces a warning message identifying the access policies already configured to use the entitlement. Both the panels in which policies are defined and entitlements are created include a new Comments column. One may enter any information in this column. However, a migration utility may be used to convert version-7.x SOD rules into version-8.0.1 access policies. If so, each SOD rule was assigned a control type (equivalent to a version-8.0.1 policy type). Two control types Allow with Rules and Approve with Rules associated SOD rules with form rules, which alter the properties of Oracle EBS forms in ways that mitigate conflicts. If you have migrated an SOD rule of either control type, AACG 8.0.1 displays the name of the associated form rule in the Comments field. Each access policy is assigned a status Active or Inactive. In version 8.0, a user could update the status of only one policy at a time. In version 8.0.1, the user can update the status of any number of policies in a single operation. Conflict Analysis An access policy may contain any number of access points, but it also directs the AACG engine to evaluate them in distinct combinations, each of which is known as a subpolicy. A Conflict Analysis panel presents a subpolicy-level view of conflicts, sorting conflict paths by specific combinations of access points within a policy that produce conflicts. In version 8.0.1, it adds several new columns that provide information about policies that produce individual conflict records not only the policy name (which was available in version 8.0 as well), but also the policy type, priority (a numeric value that rates the importance of a policy in comparison with others), the datasource (the business-management application in which the conflict exists), and the entitlements used by the policy. A Work Queue consists of two panels, one of which enables users to assign conflict paths to reviewers, and the other of which enables reviewers to assign status to those paths. Each panel comprises two sections: one enables users to drill down to a set of paths pertaining to a specific role, policy, and user, and the other displays those paths. In version 8.0.1: The drill-down portion adds these pieces of information: for a role, the datasource (once again, the business-management application in which the conflict exists), and for a policy, its priority. Users can resize each of the drill-down and path sections of either Work Queue panel by dragging the border between them. In the panel in which reviewers assign status, they can also reassign paths to other reviewers. A Heat Map enables analysts to select parameters that divide conflicts into increasingly narrowly focused sets. Through its use, analysts can evaluate trends in the generation of conflicts and prioritize their resolution. In version 8.0, the Heat Map displayed, by default, conflicts generated in the latest run of a Find Conflicts program, but enabled users to select earlier runs. In version 8.0.1, the Heat Map defaults to a cumulative display a view of conflicts generated by all runs of the Find Conflicts program but enables users to select any individual run. 1-2 Oracle Application Access Controls Governor

A Navigation panel provides links to the features available in AACG, and so enables users to select among them. In version 8.0, the Heat Map was available from two links on the Navigation panel; in version 8.0.1, it is available only from the Home link (and remains, as a result, the feature one sees upon opening AACG). Administration In version 8.0, the Navigation panel was a fixed size. In version 8.0.1, it can be enlarged, or it can be closed entirely (in which case the frame in which a user works is expanded). The ability to configure AACG user accounts is greatly enhanced. User information is encrypted; passwords must consist of characters from multiple data sets, making them more secure; and the user account adds tracking information such as email addresses, phone numbers, and physical addresses. Owners and observers of policies, and reviewers of conflict paths, may receive email notifications when conflicts require their attention. AACG consolidates queued notifications so that each recipient receives one message for the conflict paths awaiting his review. Version 8.0.1 provides the capability to configure a connection to your email server so that these notifications can be sent, and to schedule their delivery. (Notifications are sent to email addresses associated with owners, observers, and reviewers when their user accounts are configured.) In an Application Configuration panel, one can configure parameters required for AACG to connect to its database. Version 8.0.1 consolidates these parameters (thus reducing their number), assigns them plain-language names, and provides a tool for testing the connection before the parameters are saved. Version 8.0.1 of Application Access Controls Governor includes an application program interface (API) through which external applications, such as Identity Manager, can implement access policies created in AACG. Release Notes 1-3

1-4 Oracle Application Access Controls Governor

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback