There is a distinct workflow to planning and implementing a role-based security
model.
Design the Security Hierarchy
- Identify the various authorized tasks to be performed by users. Group closely
related tasks. Groupings can be based on any organizational
structure—departmental, functional, and so on. A role hierarchy which matches
the organizational hierarchy can be created. Assign a name to each grouping.
These groupings are the roles you will create.
- Identify the system privileges and object-level
privileges required to perform each authorized task identified.
- Identify the users to perform the various authorized tasks.
Associate them with the applicable roles or with identified individual tasks.
- (Optional) Identify administers for the roles you are going to create.
Administrators can grant and revoke the role to other users.
- (Optional) Identify administrators for the system privileges and object-level
privileges that are not part of the roles you will be creating.
Build the Security Hierarchy
- Create the required roles. See Roles.
- To each role, grant the system privileges. See Roles and Privileges.
- Create the users. See Users.
- Grant the applicable roles to each user, including granting administrative
rights where applicable. See Roles
- Grant the applicable object-level and system privileges to users, including
granting administrative rights where applicable. See Privileges.