The security model includes the following components:

• Operator ID and password — both are required for users to access the system. This is part of the Pega Smart Investigate For Payments Sample layer.
• Authentication and authorization — using the product requires both authentication and authorization. Authentication is the validation of users’ identities via operator IDs and passwords when they log on; authorization is the use of access roles and privileges to provide access to specific classes and rules.
• Access roles — these provide users access to specific classes and privileges.
• Access groups — these provide groups of users who require the same security settings access to particular rulesets and portal layouts.
• Workbaskets and routing — workbaskets are shared pools of assignments from which users select work. Routing activities distribute assignments to user worklists based upon factors such as priority and operator skill.
• Work pools — users can access the types of work represented in work pools. The work pools a user can access appear in a selection list on the user’s portal layout. Work pools are also referred to as class groups.
• Access to business process actions — managers and supervisors control access to certain business process actions, such as performing manual SLA overrides.
• Access to ActiveX controls — if your security settings allow, ActiveX controls are downloaded when required. Most controls are for developers, though some may be required when users perform certain tasks.