Professional Documents
Culture Documents
Whitepaper SCP Security: W Hite Paper / May 29, 2019
Whitepaper SCP Security: W Hite Paper / May 29, 2019
SCP Security
WHITE PAPER / MAY 29, 2019
DINA JACOBS
DISCLAIMER
The following is intended to outline our general product direction. It is intended for information
purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any
material, code, or functionality, and should not be relied upon in making purchasing decisions. The
development, release, and timing of any features or functionality described for Oracle’s products
remain at the sole discretion of Oracle.
Scenario ...................................................................................................... 5
Use Case: Enable Write-Access For User-Specific Job And Read Only To
The Rest Of The Data................................................................................ 22
Conclusion ................................................................................................. 26
Oracle.com
Larry Ellison
INTRODUCTION
This paper will start with some fundamental setup scenario and continue
into businesslike use cases.
The initial user can perform all the necessary setup tasks. The initial user
is the Administrative user. This user can also perform security tasks,
including resetting passwords and the granting of additional privileges to
himself and others. After you sign in the first time, you can create
additional implementation users with the same broad setup privileges that
Oracle provides to the initial user. If you prefer, you can restrict the
privileges of these implementation users based on your business setup
needs. You provide these privileges through role assignment.
Only Administrative user will have access to Security Console (Tools ->
Security Console).
Select the Users tab on the left in the Security Console to open the User
Accounts page. Click the Add User Account button.
You can create a user from scratch or in conjunction on the existing user.
We would recommend creating the user based on existing, you click
search icon next to Worker Name.
Then enter the First Name, Last Name, Email, User Name, Password and
Confirm Password. The password policy type is simple: at least 8
characters and one number. Click Save and Close.
CREATE ROLE
To create a new role, use the Roles tab on the left and click “Create
Role”.
Note, when you copy the Role, to keep in mind, you inherit all the setups
and privileges of that Role. In this example, you want to create new
privileges, therefore, use “Create Role” and not copy.
In the next step, assign this newly created Role to the new user. Click on
Users tab on the left, find your user and click Edit.
For SCP, the user will need to be assigned other SCP roles to be able to
access SCP work areas. There are 8 roles associated with SCP modules.
Note. To enable SCC under SCP has different role code naming format:
Review roles and click Save and Close and Done on the next screen.
Sign out with your Administrative user and log in with the user you just
created.
On the Home page, you can see only work areas you have just created:
Plan Inputs, Demand Management, Supply Planning, Demand and Supply
Planning.
To enter condition to the newly created DAAS Data Access Set, use
Details form and click Add Row:
In Operator form, select Equals, in Value form select Starts With and type
“Boston”. Select “Boston Manufacturing”, click Insert and OK.
USE CASE: ENABLE W RITE-ACCESS FOR USER-SPECIFIC JOB AND READ ONLY
TO THE REST OF THE DATA
As an example for this use case, let’s look at the successful Auto
Business company that has its planners working on a diverse set of data.
For example, a group of planners work with Lane-keep Assist vehicles
data set or Adaptive Cruise Control vehicle data set or Adaptive
Headlights vehicle data set or Collision Warning System vehicle data set.
For role “Auto Supply Chain Plan End User”, customer-defined Data
Access Set called “DAAS ALL” with read-only access on Enterprise-
Business Unit level to cover all the organization. “OR” operator separates
values of Business Units.
For Adaptive Cruise Control Planner Role, customer created a new Data
Access Set with “Auto Adaptive Cruise Control Planner” role and defined
details for Data Access Set. The details will be different, as user needs
write permission on the specific organization level. Assuming the naming
convention for organizations starts with “CRUISE_ORG%”.
The same goes with all the rest Data Access Sets for roles Auto Collision
Warning Planner, Auto Adaptive Headlights Planner and Auto Line-Keep
Planner. Examples in the screenshots below:
Worldwide Headquarters
500 Oracle Parkway, Redwood Shores, CA 94065 USA
Worldwide Inquiries
TELE + 1.650.506.7000 + 1.800.ORACLE1
FAX + 1.650.506.7200
oracle.com
CONNECT W ITH US
Call +1.800.ORACLE1 or visit oracle.com. Outside North America, find your local office at oracle.com/contact.
Copyright © 2019, Oracle and/or its affiliates. All rights reserved. This document is provided for information purposes only, and the contents hereof are
subject to change without notice. This document is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed
orally or implied in law, including implied warranties and conditions of merchantability or fitness for a particular purpose. W e specifically disclaim any
liability with respect to this document, and no contractual obligations are formed either directly or indirectly by this document. This document may not be
reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. This device has
not been authorized as required by the rules of the Federal Communications Commission. This device is not, and may not be, offered for sale or lease,
or sold or leased, until authorization is obtained. (THIS FCC DISLAIMER MAY NOT BE REQUIRED. SEE DISCLAIMER SECTION ON PAGE 2 FOR
INSTRUCTIONS.)
Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.
Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or
registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks
of Advanced Micro Devices. UNIX is a registered trademark of The Open Group. 0519
White Paper Title
January 2017
Author: [OPTIONAL]
Contributing Authors: [OPTIONAL]