Differences between OBIEE 10g and 11g security models?

Security Task/Object	OBIEE 10g	OBIEE 11g
Define Users and Groups in RPD file using OBIEE Admin Tool	Default	N/A. By default, users are defined in embedded WLS LDAP via FMW EM Console, or alternatively, in external LDAP.
Defining security policies	Policies in the catalog and repository can be defined to reference groups within a directory	Policies are defined in terms of application roles, which map to users and groups in a directory.
“Administrator” user	Unique user with full administrative privileges	No single user named for full administrative privileges. Administration can be performed by any user who is member of BIAdministrators group.
Repository encryption	Available on sensitive elements only – i.e. user passwords, connection pool passwords, etc.	Entire RPD encrypted via a password.
External Authentication and OBIEE Initialization (Init) Blocks	Init blocks are required for external LDAP or external table authentication.	Init blocks not required for WLS embedded LDAP. Init blocks are required for external LDAP or external table authentication.
Catalog Groups	Defined in Presentation Server Administration link	Available for backward compatibility. Use of Application Roles in FMW EM Console recommended.
SA System Subject Area	Optional	Available for backward compatibility and requires init blocks and external tables. Use of Embedded LDAP is recommended.
“Everyone” Presentation Server Group	Default	Replaced with AuthenticatedUser role