PeopleSoft provides multiple levels of security for protection of data, reports and other components. Peoplesoft Security is quite simplifies and provides a great level of control in the hands of the Security Administrator. Main types of security provided by peoplesoft are:
1. Application Security : This is the most common kind of security and is provided at the level of pages or components which may be accessible by the users. Users are granted Roles which are group of Permission lists. Permission list may control the Access at page level and may also decide if the page would be read only. In order to access peoplesoft, you must have minimum of one Role granted.
2. Data or Row Level Security : This is a critical component focussing on what data would be visible for the users. The Data visible to the users would be dependent upon Row Level permission lists. This may be defined at various levels based on Department, Position, Region etc. With the new releases there is flexibility to implement more than one level of security. Earlier versions only supported Department Tree based security.
3. Object Security: This is the security mainly concerned with the developers. PeopleSoft Technical objects may be made to read only and may not be modified by the developers unless granted the permission to do so.
4. Query Security: Queries are vital for the PeopleSoft users. Since there is a risk to expose the data to outside world so there are 2 levlels of security available. First level is to determine what records would be available for query and second levle decides about the data that may be fetched by them.
5. Field Level Security: this is kind of a customisaiton accomplished through the peopleCode. You may control what fields would be visible to the users based on the roles they have.
6. Process Security: What Process may be run by what users. Based on the process groups.
7. SSL or Web security: This is implemented using the SSL certificates implemented on the Web servers. Usually applicable in case there are Self service users connected over the internet.