white paper on Scalable Security Modeling with Microsoft Dynamics CRM 2011 released

CRM Content Publishing team anounced the release of white paper, Scalable Security Modeling with Microsoft Dynamics CRM 2011.

The whitepaper is available for download from the Microsoft Download Center at: http://www.microsoft.com/en-us/download/details.aspx?id=39095

Microsoft Dynamics CRM offers a wide range of security modeling features, and it is important to choose the most appropriate approach to implementing a particular solution. Each feature offers a combination of characteristics that provides a balance between granularity of access control, administrative ease, and impact on scalability. Having an understanding of the underlying mechanisms supporting each security modeling feature can be useful when selecting the best approach to solving a particular challenge, especially when planning to develop a large volume system.

Granting access for a user to the system can be broken out into:

  • Authentication: Determining who the user is and confirming they are who they say they are
  • Authorization: Determining whether the authenticated user is entitled to access the system and what within the system they are permitted to see or do

Authentication in Dynamics CRM is handled using platform features such as Integrated Windows Authentication or Claims Based Authentication with an identity provider such as Active Directory Federation Services. These all determine the user identity requesting access to the system. The deployment and scalability of the technologies supporting authentication is best described by resources focused specifically on those technologies and is therefore out of the scope of this document.

After a user has been identified, information recorded about the user within the Dynamics CRM system itself, such as their security roles and team memberships, is used to determine whether they are allowed to use the system and what they are allowed to see and do within the system i.e. what they are authorized to do.

This paper describes how these security modeling features in Microsoft Dynamics CRM for authorization work at scale, the implications associated with these features functioning at high volumes, and guidance on common and recommended usage patterns for modeling Microsoft Dynamics CRM security at scale, incorporating teams as appropriate.