This specification discusses requirements for Role-based Security mechanisms in the NGWS runtime the supporting infrastructure provided to address those requirements. Role-based Security is a common application concept in which one makes Authorization decisions based on the identity and/or role(s) for the entityon whose behalf an application is executing. The definition of “roles” is typically application specific as are the conditions under which one is willing to authorize specific actions.