This paper explains to Microsoft Dynamics AX developers how the security artifacts should be configured when they are applied to various programming objects in the AOT. The challenges of under-permissioning, over-permissioning, and practical ease of use guide this discussion.
Microsoft Dynamics AX 2012 White Paper: Role-based Security Use Patterns for Developers