Rhino Security is meant to solve a recurring problem, that of applying security concerns in your applications. Security concerns are no longer simplistic role based operations in most systems. We now need to apply security concerns to data and operate in an environment where security decisions are based upon business specific logic. The increase in complexity for security decisions means that there is an increased chance for bugs, security breaches and data vulnerabilities.

Rhino Security integrates into NHibernate and provides framework level support for row level security on top of any domain and against any database. Using Rhino Security, you can filter data at the database level, manage your security infrastructure through a simple API and have a highly customizable and flexible security infrastructure.

Rhino Security was born out of real world needs, and has been used in production for years. While most security systems use the Users & Roles metaphor, this is rarely a valid approach in real enterprise scenarios. You often want to do more than just the users and roles, such as granting and revoking permissions from individuals, business logic based permissions, etc.

Rhino Security is:

  • Performant
  • Human understandable
  • Flexible
  • Ability to specify permissions using the following scheme:
  • - On a
  • - - Group
  • - - Individual users
  • - Based on
  • - - Entity Type
  • - - Specific Entity
  • - - Entity group