The most significant security enhancement added to the .NET Framework is code-access security, which we discussed in the previous chapters. However, at times it is still necessary to make security decisions based on the user running the code, as opposed to the identity of the code itself. For this purpose, the .NET Framework supports a simple role-based security model. In this chapter, we explain what role-based security is and discuss the .NET Framework's implementation. We describe the classes used to access role-based security and demonstrate how to use them in your programs.