Securing a P&M site involves protecting the Membership Directory, system software, and application content from unauthorized use, while making them available to authorized users. The Membership Directory must be accessible to site administrators for performing site management, to Web developers for managing data sources and the Site Vocabulary, and to P&M tools that require access to the Membership Directory. Application content such as Web pages or newsgroups must be accessible to its intended users and (optionally) protected from use by others.
P&M site security does not directly provide support for message integrity, data encryption, or network security. These services must be obtained from other parts of the system, such as Windows NT® Server or third-party services. Membership does allow Secure Sockets Layer (SSL) connections between the client and the application server, as well as between the application server and the Membership Directory.
The topics in this section discuss the following aspects of security: