Showing posts with label Security. Show all posts

What are Access Deny rules in Pega

Access Deny rules in Pega are security rules used to define user access restrictions to system data. These rules determine which users can view, edit or delete data in the system. Access Deny rules are used to protect sensitive data from unauthorized access and help ensure data privacy. They can also be used to control which users can access specific functions and features within the application.




Difference between WHEN rule and Access WHEN in Pega

A When rule is used to produce a conditional outcome, to decide when to run an activity, or to make a decision. It can route documents to different teams depending on the values in the document fields.

An Access When rule is used to restrict users from accessing pages, rules and data. It specifies, through conditions, which users can access the pages and tasks. This rule is mostly used when a user has access to multiple pages.



Pega Access of Role to Object

Pega Access is a powerful data security tool used in Pega Platform to define access permissions for roles and objects. An object could be an application, report, service, clipboard page, rule set, etc. It can be used to control who can access what information and operations based on the roles assigned to them. Pega Access works by assigning permissions to objects or rules. These permissions can be set as public, private or privileged. This helps in managing user access to different objects based on roles, data visibility and various other security and compliance requirements.



What is Pega RBAC?

Pega RBAC (Role-Based Access Control) is a security feature of Pega Platform that authorizes users for Pega application functions based on their assigned roles. It attaches permissions and access controls to roles, and those roles are then used to control user access. RBAC is based on the concept of a "role" as it applies to an individual's relationship to an application or system, and the access and privileges associated with it. RBAC provides administrators with the ability to quickly grant and revoke access and securely manage users throughout an organization.



What is Pega ABAC?

Pega ABAC (Attribute Based Access Control) is a model used to control user access to information in an enterprise system. It uses attributes associated with the user, the resource, and the environment in order to determine which users should be authorized or denied access to a resource. Pega ABAC also makes use of policies and rules to determine the level of access a user should have.
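
The posts above describe role grants (Access of Role to Object), conditional access (Access When), explicit denial (Access Deny) and attribute policies (ABAC) one at a time. The following added example, which is not Pega code and not from the original posts, models how such rules can combine into one decision. It assumes that a matching deny beats any grant and that attribute policies apply on top of the role check; the `Claim` class, the role names and the attributes are hypothetical.

```python
# Simplified decision model (added illustration; not Pega's rule engine or API).
from dataclasses import dataclass, field

def always(user, record):
    return True

@dataclass
class Role:
    # (class, action) -> condition. A grant models Access of Role to Object,
    # its condition models an Access When rule; a deny models an Access Deny rule.
    grants: dict = field(default_factory=dict)
    denies: dict = field(default_factory=dict)

def matches(rules, key, user, record):
    cond = rules.get(key)
    return cond is not None and cond(user, record)

def rbac_allows(roles, user, key, record):
    # Assumption: a matching deny on any of the user's roles beats every grant.
    if any(matches(r.denies, key, user, record) for r in roles):
        return False
    # No matching grant means no access (default deny).
    return any(matches(r.grants, key, user, record) for r in roles)

def abac_allows(policies, user, key, record):
    # Assumption: every attribute policy on this class/action must pass.
    return all(p(user, record) for p in policies.get(key, []))

def decide(user, cls, action, record):
    key = (cls, action)
    roles = [ROLES[name] for name in user["roles"]]
    return rbac_allows(roles, user, key, record) and abac_allows(POLICIES, user, key, record)

# Constructed sample configuration (hypothetical class, roles and attributes).
def owns(user, record):
    return record["assigned_to"] == user["id"]

def cleared(user, record):
    return user["clearance"] >= record["sensitivity"]

ROLES = {
    "Adjuster": Role(grants={("Claim", "read"): always, ("Claim", "update"): owns}),
    "Auditor": Role(grants={("Claim", "read"): always}, denies={("Claim", "update"): always}),
}
POLICIES = {("Claim", "read"): [cleared]}

if __name__ == "__main__":
    alice = {"id": "alice", "roles": ["Adjuster"], "clearance": 2}
    claim = {"assigned_to": "alice", "sensitivity": 1}
    for action in ("read", "update", "delete"):
        print(action, decide(alice, "Claim", action, claim))
```

Because the model denies by default, an action with no grant (here `delete`) is refused without needing a deny rule of its own.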



What is Security in Pega?

Pega Security is the system of tools, policies, user roles, and processes used to define and protect the use and management of the Pega platform and its data. Pega Security is designed to detect, prevent, and respond to security threats, risks, and attacks to the Pega platform, data, and applications. It also helps to ensure the privacy, integrity, and availability of customer data.



Authentication in Pega Connect-REST?

Pega Connect-REST supports multiple authentication schemes, including OAuth2, basic authentication headers, and custom headers.

OAuth2 is recommended for authenticated applications.

Basic authentication can be used if user identities are required, but these types of applications are often vulnerable to attack and require additional security measures.

Custom headers can be used to provide session-based authentication, where the header is passed with each request and contains authentication information.

Custom headers require additional development effort, but can provide more control over authentication and greatly improve security.