In the previous section, you learned how to restrict a role's access to certain dimension hierarchy members. This worked well for a dimension with few categories and a single role. As long as you can group users into a few roles depending on their job function, this approach will suffice. However, when the number of roles grows to hundreds, you'll find that managing security can become very cumbersome and tedious. Clearly, creating a new role to expose a specific data set to each retail customer is unacceptable. Fortunately, you can work around this limitation using a security measure group.

Although it takes several steps to implement, the security measure group utilizes relatively straightforward concepts. ...