Microsoft Dynamics AX 2012 的安全框架和安全模型

Microsoft Dynamics AX 2012 的安全框架和安全模型相对于早期版本有比较大的改变。

安全模型的实施基于安全框架。

一个用户至少需要被指派一个安全角色，否则无法访问系统。

在Microsoft Dynamics AX 2012 中设置安全框架需要了解以下基本概念

概念	定义
duty	In the security model, a set of application access privileges that are required for a user to carry out their responsibilities.
job	A grouping of responsibilities, duties, and job functions that compose an activity.
job function	One or more tasks, duties, and responsibilities that are assigned to a job.
permission	One or more securable object permissions that secure access to logical units of application data and functionality.
privilege	One or more permissions a user requires to perform a task.
role	In the security model, a behavior pattern of a person playing an organization role, a functional role, and an application role.
security model	A structure that organizes application access control permissions by using privilege, duty, and business process classifiers and that grants permissions that are aggregated into duties to user role assignments.
security role	A defined set of application access privileges. The security role assigned to a user determines which tasks the user can perform and which parts of the user interface the user can view.
segregation of duties	A design principle used to reduce the risk of fraud, irregularities, and errors that separates the recording, verification, authorization, custody of assets, and periodic review duties of people who participate in, document, or record the financial consequences of economic transactions.