Introduction to OBIEE: Learning to Access, Navigate, and Find Data in the SWIFT Data Warehouse Lesson 3: SWIFT Data

Warehouse Security

This course, Introduction to OBIEE, provides a high-level overview of the basic elements and navigation in OBIEE, the SWIFT Data Warehouse query and reporting tool. OBIEE (Oracle Business Intelligence Enterprise Edition) provides State of Minnesota agencies the ability to retrieve and present financial and human resources data from the SWIFT Data Warehouse in a variety of formats including queries, reports and dashboards. OBIEE delivers a user-friendly business intelligence platform that makes it simple to access data, whether the user is running prebuilt queries and reports or creating them from the ground up. This course is recorded as a PowerPoint presentation, allowing you to review it at your own pace. Click your mouse or use your keyboard arrow keys to advance slides. Red boxes shown in demonstrations are intended to simulate mouse clicks in OBIEE. NOTE: Many of the screenshots in this course were recorded in a demonstration environment. Data displayed in the examples provided does not reflect actual State of Minnesota data.

Lesson 3: SWIFT Data Warehouse Security

Users must have security clearance in order to access the SWIFT Data Warehouse/OBIEE . This Security is focused in two areas: 1. 2. The OBIEE functionality (tool permissions) a user has access to The types of data a user has clearance for

This topic will explore the basic security requirements, and how to obtain the proper clearance in order to get up and running in OBIEE. Please keep in mind that this lesson is an overview and does not provide details on all required security elements. Please check with your agency security administrator if you have questions.

Lesson 3: Security

Your ability to retrieve data from the SWIFT Data Warehouse via OBIEE is governed by

SWIFT Admin Portal

OBIEE Users

Lesson 3: Security

the security clearance that has been granted to you.

SWIFT Admin Portal = Security =

OBIEE Users

Lesson 3: Security

In order to use OBIEE, you must have security clearance established in two areas:

SWIFT Admin Portal = Security =

OBIEE Users

Lesson 3: Security

1. Security for functionality, providing access to the OBIEE tool and defining the specific permissions you have within the tool and;

SWIFT Admin Portal = Security =

Functionality

OBIEE Users

Lesson 3: Security

SWIFT Admin Portal = Security =

Functionality

Data

OBIEE Users

2. Security to data, in order to pull information from the appropriate OBIEE subject areas.

Lesson 3: Security

Lets take a closer look at these security elements and how they are assigned to users.

SWIFT Admin Portal = Security =

Functionality

Data

OBIEE Users

Lesson 3: Security

SWIFT Data Warehouse Security

Functionality
Provides access to the OBIEE tool and defines what you can (and cant) do in OBIEE

Lesson 3: Security

SWIFT Data Warehouse Security

Functionality
Provides access to the OBIEE tool and defines what you can (and cant) do in OBIEE Based on General Warehouse Roles.

10

Lesson 3: Security

SWIFT Data Warehouse Security

Functionality
Provides access to the OBIEE tool and defines what you can (and cant) do in OBIEE Based on General Warehouse Roles. You must be assigned at least one General Warehouse Role in order to access OBIEE.

11

Lesson 3: Security

SWIFT Data Warehouse Security

Functionality
Provides access to the OBIEE tool and defines what you can (and cant) do in OBIEE Based on General Warehouse Roles. You must be assigned at least one General Warehouse Role in order to access OBIEE.
The General Warehouse Roles define the list of permissions or capabilities you have clearance to. There are four available roles, each with its own set of permissions. Your role is assigned to you by your agency security administrator. The following slide illustrates the permissions granted with each of the four roles.

12

Lesson 3: Security

This is the Security Role Matrix, which is one of the documents available on the OBIEE Support dashboard. Its also available on the SWIFT Website:

http://www.swift.state.mn.us/doc/datawarehouse/role-matrix.pdf

13

Lesson 3: Security

Note the four General Warehouse Roles at the top of the matrix. Permissions assigned to each of the roles are indicated below.

14

Lesson 3: Security

SWIFT Data Warehouse Security

Functionality Data
Determines which OBIEE subject area(s) you have clearance to

Now, well focus on the Data part of the security equation. In order to pull data from the warehouse, (whether you are developing an analysis, or simply viewing a report) you must have security clearance to that data first. The types of data you have clearance to within SWIFT and/or SEMA4 determine which subject areas you have access to in OBIEE.

15

Lesson 3: Security

SWIFT Data Warehouse Security

Functionality Data
Determines which OBIEE subject area(s) you have clearance to
Security clearance to SWIFT data is governed by the inquiry roles that are assigned to you. Each SWIFT module has an inquiry role associated with it. You must have the inquiry role for each SWIFT modules data that you intend to access via OBIEE.

SWIFT data based on SWIFT

system module Inquiry roles

16

Lesson 3: Security

SWIFT Data Warehouse Security

Functionality Data
Determines which OBIEE subject area(s) you have clearance to
For example, if you need to access General Ledger and Accounts Payable information through OBIEE, you would need to be assigned: General Ledger Inquiry Only role And Accounts Payable Inquiry Only role

SWIFT data based on SWIFT

system module Inquiry roles

17

Lesson 3: Security

SWIFT Data Warehouse Security

Functionality Data
Determines which OBIEE subject area(s) you have clearance to
Security clearance to SEMA4 data is governed by the set of SEMA4 Warehouse roles assigned to a user. These roles are categorized by data type. The roles assigned to a user determine the SEMA4-related OBIEE subject areas the user has clearance to.

SWIFT data based on SWIFT

system module Inquiry roles

SEMA4 data based on SEMA4

Warehouse roles

18

Lesson 3: Security

SWIFT Data Warehouse Security

Functionality Data
Determines which OBIEE subject area(s) you have clearance to
Guidance on which SWIFT and SEMA4 data security roles are required for each of the available OBIEE subject areas is provided on the SWIFT website:

SWIFT data based on SWIFT

module inquiry only roles

http://www.swift.state.mn.us/obieesubject-areas

SEMA4 data based on SEMA4

Warehouse roles

19

Lesson 3: Security

SWIFT Data Warehouse Security

Functionality
Provides access to the OBIEE tool and defines what you can (and cant) do in OBIEE Based on General Warehouse Roles. You must be assigned at least one General Warehouse Role in order to access OBIEE.

Data
Determines which OBIEE subject area(s) you have clearance to

SWIFT data based on SWIFT

module inquiry only roles

SEMA4 data based on SEMA4

Warehouse roles

Note: There are additional security requirements that your Agency Security Administrator will establish for you in order to provide access to the data you need such as Business Unit security in SWIFT or Department security in SEMA4. Check with your Agency Security Administrator if you have questions.

20

Lesson 3: Security

In order to establish or update a users security roles, the Request for Access to SWIFT Statewide Systems form must be completed and then submitted to Statewide Systems Security at MMB. Note: SWIFT Data Warehouse access is only one of many security components that are established via this form.

21

Lesson 3: Security

The form, as well as detailed instructions and role description documents are available on the MMB Statewide Systems Security webpage:

http://www.mmb.state.mn.us/ system/security

22

Terminology Review

23

Terminology Review
Request for Access to SWIFT Statewide Systems form: Security Roles: General Warehouse role: Determines the type of work that a user can perform in OBIEE. Four General Warehouse roles are available, each associated with its own set of specific permissions. An individual must be assigned at least one of these roles (along with appropriate data roles) in order to access OBIEE. Provides security clearance to SEMA4 (Human Resources /Payroll) related data through OBIEE. Provides security clearance to Financial data through OBIEE. Each SWIFT module has its own SWIFT Inquiry role. Users need to be assigned the Inquiry role for each SWIFT modules data that they need to access through OBIEE. The MMB form thats used to establish and maintain security clearance for users of the SWIFT Data Warehouse and other applications accessed through the SWIFT Administrative Portal.

SEMA4 Warehouse role: SWIFT Inquiry role:

24