Guarding Data

When you make your data, you can use the user authentication mechanisms discussed to guard the data. You can use Access Control Lists to guard files and SQL-based security to guard data in your database. As part of your security for the Web Service, consider using a combination of user identity and other security mechanisms as a way to protect your data. For example, SQL server allows you to limit who can and cannot access various databases, tables, and stored procedures. NTFS limits what files a particular user can access. Active Directory can be used to limit what network resources to which the user has access. An effective security plan uses a combination of methods to keep things safe. By authenticating the user using Windows Integrated Authentication and denying anonymous access to the Web Service, the Web method will impersonate the caller when it executes. Any rights given to that caller will be enforced. This includes access to files, network resources, and database objects.