I am familiar with three layers viz. view model & controller.
Now i want to separate another two layers viz. Security layer & Business logic layer apart from these.
So how do i do this?
Let's say controller is ok but which user have that privilege, is i want to decide in security layer & if it pass this layer it goes to business layer in which complex query will be executed like business rules.
so can any one help me with small code?
The 3 MVC layers are really only applicable from the standpoint of the user interface so the two additional layers that you note are really part of the Model.
In a DDD-type design, you would have your controllers call out to an application service that would handle checking with the security layer if the action is authorized and then either executing the action against your business layer (i.e. Core Domain Model layer) or returning back an "access denied" type message back to the controller.
Alternatively, instead of using the application service layer, you can just have the controller call directly to the business logic layer which does the security checking internally (calling out to the security layer) but depending on how complex your business logic is, it may be less clear to have it intermixed with your authorization checks to the security layer.
MVC Framework is supposed to be a presentation framework.. In a 3 layered architecture, it is the presentation layer.. Now LINQ to SQL is a Data Access Layer, and it should not be at the presentation layer instead it must be at the Business Layer (Service Layer)
This link may help you.. link text