Understanding Application Security
PeopleSoft applications use the capabilities and flexibility of multilevel security to provide an efficient, effective security solution. When you manage an environment with shared data, you need a security system that protects data at various access levels. You also need the flexibility to define the most effective and efficient path to that data across business groups, tables, departments, pages, and so forth. PeopleSoft uses an approach that enables you to set up data access at different entry points within the system.
Security access falls into three categories:
PeopleSoft application security.
Network security controls the overall point of entry into system hardware and software. Database security narrows the scope of user access to information. Application security enables you to control access down to the level of an individual field.
Most system users typically have access to a defined set of functions, pages, or fields that enable them to perform their jobs. Examples of such users are:
Auditors who must review inquiry pages and generate reports.
Users who run PeopleSoft business processes.
Management information systems staff members who configure and maintain pages and records.
In PeopleSoft applications, you have full control over security definitions and how they fit together. The security options that you enter create a matrix that enables or blocks user access to data through a series of authorizations. Users pass through several levels of authorizations before the system grants them access to any subset of the data.
Important! Creating security for prompt values or rows of data is not the same as giving security access to pages, which you do in PeopleTools. Giving users access to pages by using PeopleTools is required in addition to the security setup discussed in upcoming topics.