Even More on Securing Entities in ASP.NET Dynamic Data
I should mention (as I failed to do so in my last post) that some of the information (in particular the use of the location element) came from David Ebbo and his answers to questions in the forums. If you want to take things even further and implement permissions at the table and field level then things get a little more involved. Stephen Naughton has written a series of articles showing how you might implement this.
This is v1 of Dynamic Data and, as David says on his blog, these were things the team wanted to do but had to be realistic with their feature set. It may make its way into a future release. Keep your eye on the product roadmap if you're interested in seeing what's coming in the future.