About Security in a BackOffice Environment

Security in the Microsoft® BackOffice® environment is provided by Microsoft® Windows NT® security subsystems and is based on the Windows NT security model. To properly incorporate security concepts into your application, you need to understand the following about the model:

• The data structures, such as access control lists (ACLs), access control elements (ACEs), security descriptors (SDs), and security identifiers (SIDs).
• How the operating system itself employs security. You can think of the security API as a set of services that are provided for server applications to protect objects from unauthorized access by clients, similar to the way the event log API provides services that help device drivers and applications log errors and notification events.
• How BackOffice components use the security data structures and leverage the security APIs provided by the Microsoft® Win32® API to establish and protect objects.

Windows NT allows you to establish a full range of security levels, from no security to C2, the strictest application security level. The following topics describe many important concepts surrounding use of the Windows NT security features in your BackOffice server or client application.