Security in domain-driven design

Application development is a process that becomes increasingly complex depending on the intricacy of the application being developed. Development techniques and methodologies exist to manage and control the complexity of this development process. Amongst the techniques introduced to manage the complexity of the application development process is Domain-driven design (DDD). DDD prescribes a specific application of separation of concerns to the application model into a domain model and DDD-services. This Masters assignment investigates how to handle issues concerning the modelling and implementation of authorization and authentication functionality in an application developed according to the DDD principle of separating domain-related functionality from domain-independent functionality. This means an application where security functionality is located in a DDD-service.