Have the following requirements to acheive

1 ) Internet Users will connect to ASPX PAGE using anonymos authentication, so a specific authenticatin processs must be implemented to manage/verify users and passwords

2 ) After successfull login , the users will be able to access SQLSERVER from aspx pages (authorization will be based by passing the userid from the login procedure to Store Procedures to decide wich information is the user able to see)

3 ) Users can also connect to Analysis Server where Cell Security will be implemented (users will be distinguished by profiles, and each profile will need to be a Windows Account mapped to an Analysis Server Role)

4 ) The connection to AS will be made using a front-end application like Proclarity Web Standard

My question is: As the information to be delivered will be public and confidencial - based on profiles - which security measures do i need to look into it ? which servers do i need to run and which connections do i need to garantee bettween servers ? As we intend to also deliver such a solution in our Intranet can we reuse some of the servers ?