3. Database Security

For many developers, securing an application is the drudge work left after the fun and challenging development work is done. The good news is that Force.com makes security relatively painless, whether you think about it before, during, or after an application is built. The concepts of user identity, data ownership, and fine-grained access control are baked into the platform, requiring configuration rather than coding in most cases.

You might wonder why this chapter is about only database security rather than being a general discussion of security. After all, Force.com is more than a database. The reason is that the database is the center of Force.com development. Just as object definitions are leveraged throughout the platform to construct native user interfaces and strongly typed procedural code expressions, data security measures are equally pervasive.

This chapter contains the following sections:

Overview of database security—Take a high-level view of the database security features available in Force.com and how they interact to protect your data.

Object-level security—Get in depth on the methods for protecting individual data objects and their fields.

Record-level security—Learn how to control access to individual records within your Force.com database.

Sample application—Walk through the design and implementation of the security model for the Services Manager.