Secure First puts forth three distinct security models – a Security Architect can decide over which model is best suited for their subsystem during the product-planning phase.

Simple Security Model (SSM)
This is the simplest among the three models available. In this, the users are maintained through user and user-group management applications. Access is defined at application level or subsystem level and Access can be defined at CRUD-AC (CreateReadUpdateDelete-AssignCopy) level as well.

Function Security Model (FSM)
Here, access is defined at the function level. Say for example, a specific user can be denied with access to a particular system resource such as a specific Form, Control, Field, Service, Menu, Process, Rule or Deletion of Entity Class (such as Books or Doctors).

Data and Function Security Model (DSFM)
This is a very powerful model where the security can be defined at a much more detailed level. Here, Security can be custom-defined at the record level. For example, a user can be denied with access to a particular Book or a Doctor.

Applications can be mapped to AppDomains and access can be custom defined for a specific group of applications.

SSM provides speed, performance and low maintenance while DSFM offers high flexibility and limited search capabilities. A true, complex enterprise App may need to engage some of the mighty features offered by FSM.

For certain custom implementations, Secure First also enables Client Accounts for cloud-based or multi-tenant implementations. Client accounts and data are logically isolated. Secure First also allows the definition of Installations, which help coexistence and multiple implementations.

Secure First also provides logging of information, usage tracking and usage limiting features.

Complex data security models such as Data Zoning and Data Segmentation can also be engaged in this model.

Every data element can be organized and stored into predefined data domains or data segments. A user can be given access to only selected domains or segments. By strategically defining the data domain and data segments, organizations can achieve a highly flexible security model. For example, a data domain could be defined in fine alignment with your Line of Businesses and data segment can be defined also based on regions.