PeopleSoft HRMS provides enhancements to the setup, use, and flexibility of row level security
What is
the Person Model?
•
The Person Model is a term used to describe the
information captured about a person and how the person is related to an
organization.
•
This model includes the core tables that are used by
all products that are directly related to a person and their organizational
relationships in the Enterprise HCM system.
Some
Enhancements Delivered by the Person Model
•
Ability to track a person without having to create a
JOB record
•
Ability to use the same ID for a person across
multiple relationships to the organization (Person ID)
•
Improves handling of Global Assignments
•
Separates the creation of a person in the system
from the creation of that person’s relationships with the organization
•
Provides greater tracking capability for your
workforce
Person
Model Foundation
•
Organizational Relationship Categories
o
Employees
o
Contingent Workers
o
People of Interest (POI)
Performance
and Usability Enhancements:
•
The
ability to secure access to job openings and department data, in addition to
person data.
•
The
ability to use more than one-way of securing your data.
•
Easier
setup and administration.
•
Better
performance and flexibility for refreshing security tables.
•
Real-time
updates to security tables.
•
Easier
setup of global and additional appointment security.
Understanding
PeopleSoft Security
•
PeopleSoft security continues to be based on
permission lists and roles
To
administer security:
•
Create permission lists.
•
Create roles and attach permission lists to roles.
•
Create user IDs and attach permission lists and roles
to user IDs.
Confirming Basic Security
Types of Data Security
•
User
o
User
security data is the data defined as a user’s security access. It enables the
system to ensure that users have access only to that which you have granted
them access.
§
Roles
§
Permissions
§
Row
Level Permission
•
Transaction
o
Transaction
data is the data that is being secured. Certain fields on a transaction data
row are used to secure access to that row.
§
Search
Records
§
Access
to “Record Key”
§
Security
Sets & Access Types
Security Sets and Security Access
Types
•
Security
sets represent a grouping of data that is being secured (WHAT).
o
For
example, people of interest without jobs is a separate security set from people
with jobs.
•
Security
access types are different ways of securing the data within a security set
(HOW). Each security set has a number of security access types that you can
choose to enable. Among other things, security access types determine:
o
The security transaction data.
o
If there is data security for future-dated rows.
o
If the access type uses a department security tree.
PeopleSoft delivers the following
five security sets
Security Set Table
•
The
system is delivered with the following security types enabled:
People
with Jobs(PPLJOB) Dept Security
Tree
People
without Jobs(PPLPOI) POI Type
Departments(DEPT) Dept Security Tree
Security Type
Delivered Security Types
Security Join Tables
•
The
system stores security data in security join tables (SJTs). There are SJTs on
both the transaction and user side.
Transaction Security Join Tables
User Security Join Tables
Typical process for setup of HCM
data permission security
Security by Department Tree
Security by Permission List
How the transaction security join
tables are kept up to date:
How the permission list user
security join tables are kept up to date:
When to update the user profile
security join table:
Unknown
POI Type
People
added without an Org Relationship will have an Unknown (00000) POI type
- This Unknown POI type will show up in Search Match
- However, only those users with row security access granted to view the Unknown POI type will be able to open their record
- Security access must be granted so that a relationship can be added to the Unknown POI type
- Once the relationship is successfully saved the system deletes the Unknown relationship
Implementation & Upgrade Considerations
·
Security
Approach
o
Rebuild
(Upgrades)
§
New Workflow
§
Products Utilized
§
Significant number of new roles
§
Conversion of security data
o
Plan
fully before starting
·
Security
Sets & Access Types
o
PeopleSoft
has delivered all the security sets you are likely to need. If you add new
sets, it is considered a customization!
o
PeopleSoft
has delivered the most common security access types you are likely to need. You
can add new types but it requires a very good knowledge of the application and
of SQL.
·
Integration
Broker
