Chapter 38. What Is Role-Based Security?
Role-based security is a form of user-level security where a server doesn't focus on the individual user's identity but rather on a logical role she is in. This can be implemented many ways. One way is to simply install some local groups on the server machine that represents roles. The server application can then look for these group SIDs (Item 20) and make security decisions based on the groups' presence or absence. For example, if special privileged access to the server is restricted to members of the Admins role, a local group called APP_NAME_Admins
can be created to represent that role.
What's nice about this simple role-based architecture is that it simplifies life for both the developer and the administrator ...
Get The .NET Developer's Guide to Windows Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.