InterSystems security provides a very flexible application security model. The use of an application can be restricted to a particular set of users, or open to all users. For users authorized to use an application, the security model supports a flexible role escalation model:
The application can execute with only the user's permissions.
The application can add permissions for some users (using target and matching roles, covered later in the tutorial).
The application can add permissions for all users (using application roles, covered later in the tutorial).
The application can add some permissions for all users while adding other permissions for only some users (using a combination of application roles with target and matching roles).