User security roles control access to the myUFL systems. The roles a user has determines what menu items or task lists the user will see when they log on to the myUFL portal. Some roles are automatically assigned based on one's relationship to the university (e.g., faculty, staff or student) while other roles are assigned by the Department Security Administrator (DSA) using the Access Request System (ARS) in the myUFL portal.
Visit the Security Roles page to view a list of active end user, core user, and Bridges user security roles, grouped by service category.
Frequently Asked Questions
These Frequently Asked Questions will get you started with application security and the use of user security roles.
Glossary
A glossary of terms is available to help you with definitions of terms and acronyms used in the myUFL systems.
Forms
- Conflicting Role Definition Request Form. This form is reserved for use by senior core office staff. To request authorization to use this form please contact the Bridges security group.
- DSA Authorization Form. This form is used to designate a Department Security Administrator (DSA) for your area, or to initiate a security role change when your DSA transfers to another UF unit. It is also the form to submit when your DSA no longer works for UF, or is no longer serving as the DSA for your unit. This form must be filled out and signed by the appropriate vice president, dean, director, or department chair.
- Approver Authorization Form. The individual you authorize as security role approver will have very important responsibilities. Using the Access Request System, approvers will review and act on requests made by Department Security Administrators (DSA) to grant or remove access to administrative computer applications for people in their department, college or division.
Training Materials
- Understanding Your Role as a Department Security Administrator
Required for employees who are designated as Department Security Administrators (DSA)by their vice president, dean, director or department chair. This workshop covers the responsibilities of a DSA, including using the Access Request System (ARS), internal controls, and best practices. This is a required course as the security administrator role is considered a "position of special trust." Submit the DSA Authorization Form and you will be contacted shortly thereafter by the Bridges Security team to make arrangements for taking the DSA course. - Understanding Your Role as a Security Approver
Required for core office staff who are designated as security approvers (UF_SEC_APPROVER) by their vice president or the university controller. This presentation and handout covers the responsibilities of a security role approver, including using the Access Request System (ARS), internal controls, best practices, relevant data and security policies, and other useful resources. This is a required course as the security approver role is considered a “position of special trust.” Submit the Approver Authorization Form and you will be contacted shortly thereafter by the Bridges Security team to make arrangements for taking the Approver course.
WebCT Tutorials
- Access Request System Approver Guide 1 Nov 2006
Approving roles in the Access Request System (ARS) is simple. Ensuring that the just the right people have just the right access requires more thought. Please review all of the materials in the Resources section after the following the “How-To” steps, especially the Segregation of Duties and Role Checklist for the roles you approve. - Setups
for Grants Negative Balance Notifications 03 Nov 2006
How to set up users to receive Grants Negative Balance email notifications. The users should be designated by a Dean, Director, Department Chair, or Principal Investigator to receive these notifications on their behalf. - Who Should Be the Approver? 02 Nov 2006
Best business practices at our institution call for at least two employees to be involved in every transaction. Generally, one employee initiates the transaction, and a second employee approves it––which increases the likelihood that errors will be identified and corrected. So who should have the approver role in your department?
Instruction Guides
Additional Resources
A list of roles assigned to you can be displayed via myUFL Portal > My Account > My Roles.
- Flow of Information Through the myUFL Systems
This graphic shows the relationship between the legacy systems (pre-July 2004) and the PeopleSoft systems that replaced them. - Mapping of Affiliations to Roles
This graphic shows the relationship between the UF Directory and the myUFL portal. An individual's affiliation to UF as designated in the UF Directory drives what users will see as basic or self service features in the myUFL portal. - Report Catalog
An inventory of all reports, and their associated security roles, available in Enterprise Reporting is updated on an as needed basis. - Role Naming Convention
The acronym prefix used in the role name indicates the associated myUFL module; all three types of roles – end, core and Bridges, share the same naming convention. - Segregation of Duties and Internal Controls
This collection of documents and links serves to orient individuals and administrators to the responsibilities of those who design security roles, those who request roles (Department Security Administrator) and those who approve roles (Approver). - Security
Checklist
Use this checklist to complete requests for End User roles for Security in the Access Request System (ARS).
- Security Roles List
A complete list of all security roles currently in use at the University of Florida, sorted by service category. - User Security Roles
A brief overview of the four types of roles used at the University of Florida.
Policies
- UF Information Technology Security Policy
This policy applies to all people who maintain or manage university IT resources, their supervisors, and their unit administrators. It applies to all locations of those resources, whether on campus or from remote locations. - UF Information
Technology Policies
Policies and standards for all aspects of information technology, including acceptable use, disability access, copyrights, domain names, etc.
Security Roles
End User Roles
- UF_SEC_REQUESTOR
This role allows a department security administrator (DSA) to request security roles for department employees. The department security administrator (or designated employee) can change or delete security roles. Staff requesting this role must also submit a completed DSA Authorization Form, and successfully complete the BRG100 training course before the role will be granted. (P3)
Core User Roles
- UF_N_SECURITY_EXT_BROWSE
This role allows users to browse security extensions. The role is for use solely by RACF administrators. (P3) - UF_N_SECURITY_EXT_UPDATE
This role allows users to browse and update security extensions. The role is for use solely by RACF administrators. (P3) - UF_SEC_APPROVE_CONFLICTS
This role allows access for the conflict [CNFL] group to the Conflict Approver page in the Access Request System (ARS). (P5) - UF_SEC_APPROVER
To acquire this role, prospective users must submit an Approver Authorization Form, and then complete training course BRG300. The role will not be approved until the user successfully completes BRG300 (P3) - UF_SEC_IMPLEMENTER
This role is for use by Bridges security staff responsible for making approved changes to security access. (P3)
Bridges User Roles
- UF_N_MAINT_IS_SECURITY_RECORD
This role allows users to maintain Information Systems Department security records. This role is intended for use by Bridges security staff only. When requesting the role the following information is required in the Authority Area: Application ID(s)=[insert value] and Terminal Netname=[insert value]. (P3) - UF_SEC_REQ_ADMIN
This role allows users to administer the Access Request System (ARS). This role is reserved for members of the Bridges security staff. (P4)
Assistance
For role requests or myUFL access issues, contact your Department Security Administrator.
Please contact the UF Help Desk (392-HELP) regarding the use of the Access Request System in myUFL.
