In this chapter, you have seen how to authenticate and authorize users and services when they are running in different Windows domains across the Internet. You have learned how to configure the SQL Membership Provider to authenticate users against credentials held in a SQL Server database, and the SQL Role Provider to specify the roles that a user has for authorization purposes. You also should understand how client applications and services can use certificates to authenticate each other and explain how they can use public and private keys to help protect the privacy of communications in a potentially hostile network environment.