The security concept of BIP and OTBI reports will be discussed in this post. How can we implement security in these reports so that we can control which Business users have access to these reports and their data in Oracle Fusion Application.
Subject Area Overview in Oracle Fusion
BIP and OTBI reports are created in Fusion in the Standard Subject Area folder provided by Oracle Fusion. In OTBI, we can also create Analysis reports using the Standard Subject areas. However, how can we control access to these subject areas in Fusion, such as which subject areas users have access to and which they do not?
Duty roles are used to functionally secure subject areas. The words Transaction Analysis Duty appear in the names of duty roles that grant access to subject areas. So, in fusion BIP and OTBI reports, we can control which subject areas have access.
BIP and OTBI Report Security Concept
When creating OTBI and BIP reports, you can also set permissions for them by right-clicking on them. You can restrict who has access to these reports by defining permissions such as which Role or User can see them.
Reports are secured based on the folders in which they are stored if permissions have not been set, Permissions for Reports can be set as follows
Read, Execute, Write, or Delete
Run Publisher Report
Schedule Publisher Report
View Publisher Output
Reports and Analytics Security Levels
The following three levels of security can be found in reports and analytics:
- Security at the user level (authentication of users). The authentication and confirmation of a user’s identity based on the credentials provided, such as username and password, is known as user-level security
- Security at the object level. The visibility of business logical objects is controlled at the object level, based on a user’s role. Object-level security can be configured for Oracle BI Repository objects like business models and subject areas, as well as Web objects like dashboards and dashboard pages defined in the Presentation Catalog.
- Security at the data level. Based on the user’s association with data in the transactional system, data-level security controls the visibility of data (content rendered in subject areas, dashboards, analyses, and so on).
Data Duty Roles Overview of Reporting in Oracle Fusion
Data Duty Roles can also secure the data returned by Oracle Fusion Transactional Business Intelligence (OTBI) reports.
One or more Reporting Data Duty roles are inherited by each Transaction Analysis Duty role that grants access to subject areas and Business Intelligence Catalog (BI Catalog) folders. Access to the data is granted by these duty roles.
List of Roles in Business Intelligence (BI) for BIP and OTBI Reports
Both BIP and OTBI reports use BI roles. They give users access to Business Intelligence features like the ability to run or write reports.
- The BI Consumer Role is in charge of running Business Intelligence reports.
- The BI Author Role is in charge of creating and editing reports.
- The BI Administrator Role is responsible for administrative tasks such as creating and editing dashboards, as well as modifying security permissions for reports, folders, and other objects.
- BI Publisher Data Model Developer Role This role allows to create and edit Oracle BIP data models.