SharePoint 2010 Products are logically divided into three distributed tiers: the front-end Web server tier, the application server tier, and the back-end database tier. Administrators and IT pros are empowered to control and manage access to the resources that reside within each of these tiers. Access to network resources can be centrally managed using the tools and methods described in the planning, deployment, and operations articles listed in the following security and authentication resource centers for SharePoint Server 2010 and SharePoint Foundation 2010.

An important new authentication feature of SharePoint 2010 Products is the ability to choose between claims-based authentication and classic-mode authentication when you create a Web application. Classic-mode authentication refers to the Integrated Windows authentication model supported in Office SharePoint Server 2007. Claims-based authentication is built on the Microsoft Windows Identity Foundation (WIF). WIF is a set of .NET Framework classes designed to enable the creation of claims-aware applications. A claims-aware application created with WIF can process WS-Federation authentication requests. WS-Federation is an authentication protocol that builds on two other standard protocols: WS-Trust and WS-Security. WS-Federation supports the token-based authentication architecture that enables a Web application to require a security token for authenticated access to resources.
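The choice described above, as an added PowerShell example that is not part of the original post: it shows how the mode is selected when a Web application is created, then reports the mode and the claims providers for each zone of every existing Web application. The function names `New-ExampleWebApplication` and `Get-WebApplicationAuthMode` are hypothetical, and all names, URLs and accounts passed to them are placeholders.

```powershell
# Added example. Run in the SharePoint 2010 Management Shell on a farm server.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# Supplying -AuthenticationProvider to New-SPWebApplication creates a
# claims-based Web application; omitting it creates a classic-mode one.
function New-ExampleWebApplication {
    param([string]$Name, [string]$Url, [int]$Port,
          [string]$PoolName, [string]$PoolAccount, [switch]$Claims)
    $params = @{
        Name                   = $Name
        URL                    = $Url
        Port                   = $Port
        ApplicationPool        = $PoolName
        ApplicationPoolAccount = (Get-SPManagedAccount $PoolAccount)
    }
    if ($Claims) {
        # Windows claims provider that uses Integrated Windows authentication
        $provider = New-SPAuthenticationProvider -UseWindowsIntegratedAuthentication
        $params.AuthenticationProvider = $provider
    }
    New-SPWebApplication @params
}

# Audit: one row per Web application and zone, so classic-mode applications
# and the provider types accepted in each claims zone are visible at a glance.
function Get-WebApplicationAuthMode {
    foreach ($wa in Get-SPWebApplication) {
        foreach ($zone in @($wa.IisSettings.Keys)) {
            $mode = 'Classic'
            $providers = @()
            if ($wa.UseClaimsAuthentication) {
                $mode = 'Claims'
                # Returns Windows, forms-based and trusted (token issuer) providers
                $providers = @(Get-SPAuthenticationProvider -WebApplication $wa -Zone $zone |
                    ForEach-Object { $_.GetType().Name })
            }
            New-Object PSObject -Property @{
                Url       = $wa.Url
                Zone      = $zone
                Mode      = $mode
                Providers = ($providers -join ', ')
            }
        }
    }
}

Get-WebApplicationAuthMode | Sort-Object Url, Zone | Format-Table Url, Zone, Mode, Providers -AutoSize
```

Only the audit runs when the script is executed; `New-ExampleWebApplication` changes the farm and does nothing unless it is called explicitly.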

For more information, see the following resource centers:

Security and Authentication for SharePoint Server 2010:
Security and Authentication for SharePoint Foundation 2010:

We also welcome any questions or feedback.

-- Douglas Goodwin, Writer, Office Servers UA