Designing a Security Model
Perhaps the most important part of an enterprise level application is Security. The design for enterprise level security in a Silverlight application. This example will use WCF RIA Services to facilitate database access and server requests. The data context of the WCF RIA Services. What we want to have is a simple solution that will provide global security as well as ensuring authentication and authorization. WCF RIA Services come with built-in compatibility for ASP.NET membership provider. If you have a legacy system, you may already have your own security model in place. Our approach will use the built-in object model but go against our own proprietary security model. In our last post, we discussed providing a security model that would allow more than just screen level security. Most security models only provide screen level security. Most clients often and usually demand lower level security than just at the screen level. The clients usually want to have a security model that allow you to define screen level as well as sub parts within the screen as well. Clients also want to have data level security as well. This is very difficult to have in place without custom coding. We are going to try and see if we can’t provide a model that will provide screen level, screen part level, and data level security.
Stay tuned for our proposed security model.