I came across this Business Rules use-case the other day .

Background

Cool Gadgets(fictional) is a Government lab. They do cutting edge research in security devices. They are an out & out Microsoft shop.They were running a government funded pilot project. The project was to build a new cool distributed security application, integrating inputs from a wide variety of sensors like Motion sensors, retinal sensors etc. The inputs from the sensors will be used to determine

1. When & how will the doors to an high security environment open.
2. What kind of tools can be used within a secure environment and what cannot be used
3. The scope of the application can be a single high security room, a cluster of high security environments, and even geographically distributed sections.

So what were the challenges?

1. These security procedures change often, probably on a daily basis
2. The people responsible for the security procedures could be scientists, technicians. Essentially, non-geeks!Therefore, a simpler user interface for security procedure management would be necessary
3. A high level of security regarding who can view, modify what security rules would also be required.

So, what did they do?

1. Essentially, the security procedures are the “Rules of the System”, and the information that needs to be validated is the input from the sensors!
2. They used a BRMS (QuickRules.NET) to capture the security procedures as Rules and externalize them from the application
3. The programming API available with the BRMS was used to custom build a simpler Rules interface
4. The security features available in the Rules repository (QuickRules.NET Repository) were put to use for fine grained role based access control
5. The Rule Engine for was integrated with their application for runtime & real-time security validation.