Middleware security encompasses a wide range of potential considerations, ranging from the ability to utilize the security capabilities of middleware solutions (for example, CORBA, .NET, J2EE, DCE, and so forth) directly out-of-the-box in support of a distributed application to leveraging the middleware itself (paradigm) to realize complex and intricate security solutions (for example, discretionary access control, role-based access control, mandatory access control, and so forth). The objective in this chapter is to address the latter consideration: examining the attainment of advanced security capabilities using the middleware paradigm, namely, role-based access control (RBAC) and mandatory access control (MAC). The resulting security provides a robust collection of services that is versatile and flexible and easily integrates into a distributed application comprised of interacting legacy, COTS, GOTS, databases, servers, clients, and so forth.