leastprivilege.com
The State of Security in ASP.NET 5 and MVC 6: Authorization
The hardest part in designing an application is authorization. The requirements are always so app-specific that for 10 applications you often see 12 different implementations. To make things worse,…