Role management helps you manage authorization, which enables you to specify the resources that users in your application are allowed to access. Role management lets you treat groups of users as a unit by assigning users to roles such as manager, sales, member, and so on.
Aarisha Inc provides an optimized structure to automate your enterprise role-management needs. You can granularly define and administer roles including the ability to attach business-driven access control, policy, workflows and approvals to roles.
- Role hierarchies: Role hierarchies allow security administrators to build and plan logical role hierarchies and to build more meaningful role relationships.
- Role relationships can be implemented.
- Immediate parent-child role relationships can be tracked and navigated.
- Separation of duty can be evaluated where role hierarchy is used.
- Role relationships: Role relationships allow roles to be logically linked by allowing parent-child role relationships in the hierarchy, in which child roles inherit the entitlements of their parent roles.
- A parent role can have multiple child roles.
- A child role can have multiple parent roles.
- Role relationships can be evaluated to determine which entitlements are inherited and granted.
- Provisioning behavior can be changed by role hierarchy assignment; for example, by making a department role a child of an application role.
- Role classification: Role classification is the ability to classify a role for workflow and policy customization purposes.
- Default role types are business and application types.
- Business roles encompass the kind of job that a person does.
- Application roles encompass the kind of access that the person requires.
- Role relationships and role classification can be used to define how different role types relate.
- Role ownership and approvals:
- Role owners can be users or other roles.
- Roles can have multiple owners.
- Oracle Identity Analytics