Access Control and Accessibility in Oracle IRM 11g
By Martin Abrahams on Apr 20, 2010
A recurring theme you'll find throughout this blog is that IRM needs to balance security with usability and manageability. One of the innovations in Oracle IRM 11g typifies this, as we have introduced a new right that may be included in any role - Accessibility.
When creating or modifying a role, you simply select Accessibility along with Open, Print, Edit or whatever rights you want to include in the role.
You might, for example, have parallel roles of Reader and Reader with Accessibility and Contributor and Contributor with Accessibility.
The effect of the Accessibility right is to relax some of the protection of content in use such that selected users can use accessibility tools. For example, a user with the Accessibility right would be able to use the screen magnification tool, which IRM would ordinarily prevent because it involves screen capture.
This new right makes it easy for you to apply security to documents yet, subject to suitable approval processes, cater for the fact that a subset of users might be disproportionately inconvenienced by some of the normal usage constraints. Rather than make those users put up with the restrictions, or perhaps exempt them from using sealed documents altogether, this new right allows you to accommodate them in a controlled manner, and to balance security with corporate accessibility goals.