Oracle Primavera

Copies of the Evaluated Configuration Guides may also be obtained by emailing

 Primavera® P6™ Enterprise Project Portfolio Management Version 6.2.1

Primavera is a project management product that is implemented using client/server architecture with a centralized project database. Primavera can be used to manage projects, resources, and methodologies. Resources can represent either people or materials, depending on how the project is defined. Methodologies are templates for defining new projects and can be used to codify an organization’s best practices.

Primavera® P6™ Enterprise Project Portfolio Management (Version 6.2.1) provides a moderate to high level of independently assured security in a conventional TOE and is suitable for a relatively benign environment with good physical access security and competent administrators.

Primavera® P6™ Enterprise Project Portfolio Management (Version 6.2.1) supports the following security functions:

User Data Protection

Primavera implements three separate access control policies—one controls access to projects, another controls access to resources, and the third controls access to methodology objects. Access control decisions are made differently for each type of object.

Identification and Authentication

Primavera defines users in terms of security attributes comprised of user identity and global profiles, which contain authorizations corresponding to functions a role may perform. Primavera requires users to be identified before they can gain access to its capabilities. In the evaluated configuration, authentication of claimed identities is performed by an LDAP server in the IT environment.

Security Management

Primavera provides administrative users with the ability to manage access controls on projects, resources, and methodologies, and the security attributes associated with users. Administrative capabilities are granted by the privileges allocated to a user via a global profile associated with the user.