Chapter 4. Securing SharePoint Sites
Every SharePoint site needs security to ensure users are limited to performing just the tasks they ought to be performing. You would not want an unauthorized employee viewing the Human Resources files, nor would you want a nonemployee accessing certain corporate documents. Security policies dictate user access, user rights, and user permissions. Windows SharePoint Services incorporates a flexible and dynamic security model that allows administrators and users to control access to their pages with ease.
In this chapter, you will learn how Windows SharePoint Services authenticates users and grants permissions. This chapter provides detailed steps and overviews on:
User and site group management
Security architecture
Assigning roles to objects and sites
Once you have completed this chapter, you should understand how to secure a SharePoint team site.
Users and Site Groups
Users access SharePoint sites to add, view, edit, and delete content. To ensure users retrieve the appropriate content, Windows SharePoint Services provides you with a flexible security model. Whenever you work with security, you have to consider two separate but equally important processes:
- Authentication
The process of authentication determines whether a user is who he says he is. Authentication generally involves comparing a username and password to a set of stored credentials. The credentials prove that the user accessing your site is a legitimate user.
- Authorization
Once you have authenticated ...