Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Standard view
Full view
of .
Look up keyword
Like this
0 of .
Results for:
No results containing your search query
P. 1
Peoplesoft Security

Peoplesoft Security

Ratings: (0)|Views: 17 |Likes:
Published by shery2710

More info:

Published by: shery2710 on Jun 07, 2014
Copyright:Traditional Copyright: All rights reserved


Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less





Implementing Security in PeopleSoft
Implementing Security in PeopleSoft:
 A. Introduction: PeopleSoft Version 8.46
This document provides guidelines and best practices for the end users to use to secure PeopleSoft data, specifically guidelines regarding confidentiality, user authentication, and access control. Security is especially critical for core business applications, such as PeopleSoft applications. Typically, what is needed is a need to restrict the usage, viewing and customization of the data and applications. PeopleSoft provides security features, including components and People Tools applications, to ensure that the sensitive application data, such as employee salaries, performance reviews, or home addresses, do not fall into the wrong hands. As the PeopleSoft Internet Architecture (PIA) is implemented, a robust and scalable means is needed by which the users can be grant authorization efficiently. Security can be applied to all users, including employees, managers, customers, contractors, and suppliers. Users are grouped according to roles give to them with different degrees of access. For instance, there might be an Employee role, a Manager role, and an Administrator role. Users who  belong to a particular role require a specific set of permissions, or authorizations, within the system, so that they can complete their daily tasks. The objects and definitions in the PeopleSoft development environment must also be secured from viewing. Restriction can be implemented to block the end users from accessing particular  pages and components, also to restrict the definitions that the site’s developers can access using PeopleSoft Application Designer. A definition refers to any of the definitions that are created within PeopleSoft Application Designer, such as records, pages, or components. Each object definition may have individual security needs. Accessing a PeopleSoft application requires first passing through several layers of network, OS, and DB security. These capabilities are defined by the technical environment and need to be configured outside of PeopleSoft. A pictorial representation of the same is given below:
Implementing Security in PeopleSoft
Security can be implemented in the following ways which shall be explained in detail:
User security. 2.
Lightweight Directory Access Protocol (LDAP). 3.
Authentication and single sign on. 4.
Pluggable cryptography. 5.
Query and definition security. 6.
PeopleSoft personalization.
Implementing Security in PeopleSoft
1. User Security:
A security definition refers to a collection of related security attributes that are created using People Tools Security. The three main PeopleSoft security definition object types are: The three main PeopleSoft security definition types are:
User Profiles
 (a set of data describing a particular PeopleSoft user)
 (intermediate objects that link User Profiles to Permission Lists)
Permission Lists
 (a set of pages and allowable actions on those pages) The hierarchy that needs to be followed to implement user security is :
Definition of permission lists ,followed by creation of roles and finally assigning these roles to User Profiles.
user profile
 is a definition that represents one PeopleSoft user. Each user is unique; the user  profile specifies a number of user attributes, including one or more assigned roles. Each role that's assigned to a given user profile adds its permission lists to the total that apply to that user.

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->