So in this case you would be looking for the security domains to be statically defined within the application rather than centrally defined / manageable within the domain model - so to modify the configuration of a security domain the administrators would be required to redeploy their apllication across their domain to pick up a new configuration.