What security settings are provided Out of box for Request based workflows?
There is no OOB security for Request Workflows for Analyst based users. Customer and Employee roles have pre-defined DPs to control against access to the Request_Workflow_Task table. The closest there is to such security for Analysts would be to disallow access to Requests overall, as one would find in certain roles (such roles could have access to incidents or problems depending on its preferred document type).
One would need to create data partitioning to control access to Request Workflows for Analyst type users.
It is also important to note that starting with 17 releases of Service Desk, specific data partition functionality was introduced for Request_Workflow_Task table.