The most efficient way of controlling which users should be allowed to access images is best done via roles. A role is a very simple concept but a lot of people who have never used them struggle to understand what they do.
A role enables fine-grain access to a set of images. It enables security to be configured based on the business requirements. Roles also enable security to be changed very quickly and easily.
With security one has to always remember that it's a balancing act. The more restrictive and tighter the security, the less chance there is of unauthorized access. The tighter and more restrictive the security is, the harder it can actually be for a user to do their job, to perform queries, or do things quickly. The less security, the greater the chance of a digital object being stolen or damaged. One goal of a warehouse is to allow users to do ad hoc and complex queries without the burden or restrictions of an OLTP environment. Each organization is different and has their...