Restricting ESS role to view only own data
I was trying to understand the way ESS role works in ERP. I created a role with P_PERNR auth object and allowed it access to several Infotypes like address 0006 and allowed it to have Interpretation to be "E" and assigned it to my user id. I thought if I run a simple report which basically looks up data like address, I will not be able to view my own data but can see other's addresses. But that did not happen, I could see everyone's addresses including mine. Is my understanding of P_PERNR correct ? Do I need any more auth objects to get the desired result ? How do I go about restricting access for a user so that user can see only his data and not others and other way as well where user sees other people's data but not his ?
Based on documentation it sounded simple enough to use only P_PERNR, but may be I am missing something very basic.
Please help me understand the basic concept.