Role Based Security Key
The Microsoft Dynamics AX security system implements a role-based security model. The primary security specifications are privileges for table fields, and policies for table records. From the perspective of the developer using the AOT, a role is an aggregation of security specifications. The security specifications are designed to support a group of job activities performed by users with a known set of job responsibilities.
The Microsoft Dynamics AX system administrator assigns roles to the users. The users through those role assignments acquire the permissions to perform specific system operations. You should choose role names that describe the job activities performed by users of the system.
- Users can be assigned to one or more security roles and through those role assignments acquire the permissions to perform particular system functions.
Security role
- Security roles represent a behavior pattern that a person in the organization can play.
- A security role includes a defined set of application access privileges.
- Users are assigned to one or more security roles. Each user must be assigned to at least one security role to have access to Microsoft Dynamics AX.
Duties
A duty is a set of application access privileges that are required for a user to carry out their responsibilities.
- A duty is a responsibility to perform one or more tasks or services for a job. Duties correspond to parts of a business process.
- A duty can be assigned to more than one role.
- For example, the Maintain bank transactions duty contains the Generate deposit slips and Cancel payments privileges.
- Although both duties and privileges can be assigned to security roles, we recommend that you use duties to grant access to Microsoft Dynamics AX.
Process Cycle
A process cycle is a collection of duties that represent a higher level business process.
- Process cycles organize duties and access privileges according to high level processes. For example, revenue cycle.
- A process cycle can be defined as a group of duties for a job function.
- For example, in the accounting process cycle, you may find the Maintain ledgersand Maintain bank transactions duties.Process cycles are used for organization only. The process cycles themselves cannot be assigned to roles.
Privilege
- A privilege specifies the access that is required to accomplish a job, problem, or assignment.
- A privilege contains permissions to individual application objects, such as user interface elements and tables.
- Privileges group together related securable objects. For example, menu items and controls.
- Privileges can be assigned directly to roles. However, for easier maintenance, we recommend only assigning duties to roles.
- For example, the Cancel payments privilege contains permissions to the menu items, fields, and tables that are required to cancel payments.By default, privileges are provided for all features in Microsoft Dynamics AX. The administrator can modify the permissions that are associated with a privilege, or create new privileges.
No comments:
Post a Comment