Currently ArcGIS Server security only supports service level security. I need layer, field, and row level security as well. For example, user A may only be able to see two layers in a service while user B can see three layers. Also user A may only see limited fields and rows (based on a unique definition query for that role) where user B would see different fields and more rows. Separating out these unique combinations into different services is unmanageable.