I have read that in his book as well online but I am looking for on the approach side and how to document it.
Why cant you create some dummy roles and users 'Admin' / 'Super User' / 'User' using default LDAP authenticator in 11g on sandbox/dev environment (hope you on 11g ) ?
Admin --> All SA access
Super User -->kind of Author for specific /multiple SA
User --> Some specific reports/dashboards for single SA (with Row-level security&Object Level security)
Give Read/Full Control/No Access on catalog items.Prepare a document with your existing setup (no security) and compare with Role based security & data security
some good templates used for editing the security in the RPD
Is it Something related to SubjectArea and Column level acesss in RPD?