Data control security
To perform these configurations, you must have an understanding of global ledger configuration, especially companies, groups, and dimensions. To enable security for company, groups, and dimensions, follow these guidelines:
- Security groups are configured to show the data elements to secure and the
actors who can access the data. Caution:To secure the data, you must link actors to these security groups as part of their configuration. Actors who are not linked to security groups have access to all data.
- Predefined security rules are delivered as part of security classes for business classes. When you configure security groups, these delivered security rules are made available. You can also use these rules as templates to create custom security classes with conditional rules.
Glossary of terms
| Term | Description |
|---|---|
| Security group type | Collection of security groups that define security access to the same type of data. For example, accounting unit. Each security group type is represented by a menu item in the menu. |
| Security group | A group that defines the specific data that can be accessed by specific users. For example, a security group for finance dimension contains the specific structure and dimension levels to which users have access. The specific users are also defined in the security group. |
| Business group security | Security groups are not created for business groups. Vendor business groups and customer business groups are managed in global ledger. Actors are added to a single vendor or to a customer business group. Go to the menu. |
| Group members | For each group type, members define the specific data
elements to which users have access. For example, the members of a project
security group are the projects to which users of the security group have access.
Some security groups do not have members because they are based on global ledger groups where members are defined. For example, a security group for accounting entity does not contain accounting entity members. It is linked to an accounting entity group in global ledger. The accounting entity group in the global ledger contains members that are accounting entities. The accounting entities that are members of the global ledger group are the data elements that users of the associated security group can access. |
| Actor context | Actor context values are user attributes that can be used for authorization and application defaulting purposes. For security groups, an actor context record must be created to designate the user is part of the security group. |
| Security class | Security classes provide security for securable objects, for example, business classes. Security groups are included in the security definition for business classes in the associated security classes. For example, a security class that contains access to a business class in chart of account may contain a condition for Chart of Account Security Groups. |
| Security rules and conditions | Security rules are the LPL code in a security class that defines access to the securable object. Some security classes use conditions that reference security groups. For example, a security rule can include a condition that grants access only if the actor is included in an applicable security group. |
For information about Infor Landmark Technology security and actor context, see the Landmark Technology library on docs.infor.com. In the Administration menu, and find the User Setup and Security.