The Desktop Client is used to configure the security model by creating and relating security objects. No additional schema modeling of classes, interfaces, or relationship definitions is required.
Once the security access model is designed, the various levels of access are modeled by creating access groups and relating them to roles. The access groups are related to the relevant methods, interfaces, and view definitions to which they grant access.
For more details about the model used, see How to Configure the Security Model.
The security access found in the delivered model is detailed in Summary of Delivered Core Security Model.