When we bring together the three core elements of business unit, user, and security role, you can see how the security model works.
You might have one or many business units, and within these you add users. This gives you your organizational structure. At this point, however, you have not declared what users are permitted to do or what they can access because that information comes from the security role. Remember that security is primarily determined by the security role, not by which business unit a user is assigned to.
A security role is three dimensional, but we will first look at it in a two-dimensional way and build on what we learn.
Table 5.1 illustrates how a two-dimensional security role, as a matrix of actions ...