I am pleased to announce the release of the white paper, Scalable Security Modeling with Microsoft Dynamics CRM 2013, which is available for download from the Microsoft Download Center at:
Microsoft Dynamics CRM 2013 offers a wide range of security modeling features, and it is important to choose the most appropriate approach to implementing a particular solution. Each feature offers a combination of characteristics that provide a balance between granularity of access control, administrative ease, and impact on scalability. Having an understanding of the underlying mechanisms supporting each security modeling feature can be useful when selecting the best approach to solving a particular challenge, especially when planning to develop a large volume system.
Granting a user access to the system can be broken out into:
- Authentication: Determining who the user is and confirming that they are who they say they are
- Authorization: Determining whether the authenticated user is entitled to access the system and what within the system they are permitted to see or do
Authentication in Microsoft Dynamics CRM 2013 is handled using platform features such as Integrated Windows Authentication or Claims Based Authentication with an identity provider such as Active Directory Federation Services. These all determine the user identity requesting access to the system. The deployment and scalability of the technologies supporting authentication is best described by resources focused specifically on those technologies and is therefore out of the scope of this document.
After a user has been identified, information recorded about the user within the Microsoft Dynamics CRM 2013 system itself, such as the associated security roles and team memberships, is used to determine whether that user is allowed to use the system and what that user is allowed to see and act on within the system, or what that user is authorized to do.
This paper describes how these security modeling features in Microsoft Dynamics CRM 2013 for authorization work at scale, the implications associated with these features functioning at high volumes, and guidance on common and recommended usage patterns for modeling Microsoft Dynamics CRM 2013 security at scale, incorporating teams as appropriate.
I’d especially like to recognize the efforts of Roger Gilchrist and the CRM Product Team for contributing to and reviewing this paper to help ensure its completeness and technical accuracy.
CRM Content Publishing - Enterprise Audiences