Security generally takes two forms with respect to search:
End-users have access to certain items in the index and
End-users have access to certain parts of the items in the index.
In other words, there are item-level (or document-level) security requirements and statement-level security requirements. ATG Search handles both of these requirements by using the constraint types described above. First, document sets or properties can represent item-level security groups or roles, and constraining on those two types will implement item-level security. Second, fields can represent security groups and roles within the content of an item, and constraining on fields will implement statement-level security.