Security planning involves defining authorization and authentication strategies for your application.

• Authentication: proves to the application that you are who you say you are. Pega applications support several authentication protocols.
• Authorization: tells the application which functions you may perform. Pega applications define this using access group and role configurations.

Pega security planning additionally involves configuring the application’s operational structure and operator. attributes

Pega applications provide organization the ability to fine-tune security control through using access settings and denial rules in the application. Many integration rules also incorporate authentication.

Defining the security model includes these tasks:

• Supported authentication schemes
• Defining an authentication scheme
• Configuring the authorization scheme in the application
• Defining theproduct operational structure
• Defining the operator attributes