Reviewing the Security Model

Objective

After completing this lesson, you will be able to review the security model in SAP SuccessFactors Learning.

Security Model in SAP SuccessFactors Learning

SAP SuccessFactors Learning uses a security model which is different from the Role-Based Permissions (RBP) model that is used in the other SAP SuccessFactors solutions.

In SAP SuccessFactors Learning, different security objects are used to control data access. It uses a combination of security domains, security domain groups, permissions, and roles.

Security Domains and Hierarchy

The hierarchical structure of security domain starts with Root and Public domains.
  • Security Domain - SAP SuccessFactors Learning creates areas of data access through the use of security domains. Security domains are used to indicate what data can be seen and by whom. Security domains can be built in a hierarchical structure, with each security domain having one or more children. Security domains should be created wherever there is a need to restrict data to some administrators and prevent other administrators from searching, viewing, editing, adding, or deleting the data. In the diagram, Example of Domain Hierarchy, you have different levels of domain.
    • Root Domain (or Corporate Domain) - This is the highest level in the security domain tree hierarchy. The domain level starts from zero.
    • Domain B - Each security domain can have one or more child domains. Each sub-domain is numbered one level higher that its parent (e.g. a sub-domain created under the Root Domain is a level 1)
    • Public Domain - This is the only unsecured domain in LMS and cannot be deleted. When new entities are created, the domain field is pre-populated to the Public domain. The admin should choose the correct security domain instead of the Public domain.

    Note

    It is recommended to have the smallest amount of security domains that are actually needed to prevent administrators from accessing entities that are outside their responsibly that they must not access.

  • Security Domain Groups - A group of one or more security domains. When applied to the permissions in an admin role, this will restrict the domains in which an admin may perform the permissions.
  • Permissions - A combination of functions (such as view, add, delete, copy, and so on) and an entity (users, items, classes, instructors, assignment profiles, etc.) 
  • Roles - Roles are associated to admins. A role is made up of a list of permissions and security domains. The permissions control the functions the role can perform and the Security Domain Groups control the domain the role perform the functions in.

Complete an Assigned Course

Business Example

In this exercise, you will launch a course, complete it and print a completion certificate.

Steps

  1. Log in to the SAP SuccessFactors instance.

  2. Using the main navigation menu on the Home Page, navigate to Learning. The New Learning Experience Homepage opens.

  3. In the Required Learning section, select HR Handbook or IT Security BasicsStart Course.

  4. Select Launch Content.

  5. Select Agree.

  6. Select Verify Course Completion

  7. Select Print Certificate.

  8. Wait for the Report status to be completed. You should now see the Certificate of Completion.

  9. Go back to Learning Homepage.

  10. Select the Learning History from the Activities menu on the right. You should see the HR Handbook course as completed/read.

Summary

  • SAP SuccessFactors Learning creates areas of data access through the use of security domains.
  • Security domains should be created wherever there is a need to restrict data to some administrators.
  • This is the only unsecured domain in LMS and cannot be deleted. When new entities are created, the domain field is pre-populated to the Public domain.

Learning

SAP FacebookSAP YoutubeSAP LinkedIn