I've been a SQL server developer thus far, but I'm now having to make an ASP.net MVC5 application to allow users to access the data. Previously, all access was via (SSL encrypted) ODBC connections which were secured using SQL Server logins. I'm comfortable with SQL Server security management; I have a bunch of defined roles and access is usually granted or denied at the schema level. This also allows me to easily monitor/audit access and data changes.I've been a SQL server developer thus far, but