Portal Group Name is not sufficient for user authorization

Open zjankovsky opened this issue 1 year ago • 0 comments

Hello, I am trying to create an SOI for users accessing different features based on their portal group. Something like your examples NetLayerAccessSOI or NetOperationAccessSOI.

But I figured out that access according to Portal Group Name is not sufficient: anybody with the User role on the portal or higher can create a group with the same name and therefore grant access to some resources based on this.

This is quite a big security issue. I didn't find a way to access Portal group IDs - which are unique - in .NET SOI. Or does anybody have another way to uniquely identify the Portal's groups?

Thank you.

zjankovsky, Jun 16 '23 07:06
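The name collision described in the issue above, shown as an added example that is not part of the original post or of the SDK samples. It contrasts a title-keyed allow-list with an ID-keyed one and adds an audit helper that lists titles shared by more than one group. `PortalGroup`, `GroupAuthz` and all sample values are hypothetical, and how an SOI would obtain the caller's group IDs is assumed, not shown.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Hypothetical model of one group membership; not an ArcGIS SDK type.
public record PortalGroup(string Id, string Title, string Owner);

public static class GroupAuthz
{
    // Title-keyed rule, as in the issue: any group with an allowed title grants access.
    public static bool AllowedByTitle(IEnumerable<PortalGroup> userGroups, ISet<string> allowedTitles) =>
        userGroups.Any(g => allowedTitles.Contains(g.Title));

    // ID-keyed rule: only the specific groups on the allow-list grant access.
    public static bool AllowedById(IEnumerable<PortalGroup> userGroups, ISet<string> allowedIds) =>
        userGroups.Any(g => allowedIds.Contains(g.Id));

    // Audit helper: titles used by more than one group ID, i.e. ambiguous for a title-keyed rule.
    public static IDictionary<string, List<PortalGroup>> TitleCollisions(IEnumerable<PortalGroup> allGroups) =>
        allGroups.GroupBy(g => g.Title, StringComparer.Ordinal)
                 .Where(grp => grp.Select(g => g.Id).Distinct().Count() > 1)
                 .ToDictionary(grp => grp.Key, grp => grp.ToList());
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample data: two distinct groups that share one title.
        var intended  = new PortalGroup("constructed-id-0001", "Editors", "portaladmin");
        var lookalike = new PortalGroup("constructed-id-9999", "Editors", "regularuser");

        var allowedTitles = new HashSet<string>(StringComparer.Ordinal) { "Editors" };
        var allowedIds    = new HashSet<string>(StringComparer.Ordinal) { intended.Id };

        var memberOfLookalike = new[] { lookalike };
        Console.WriteLine($"title rule, lookalike member: {GroupAuthz.AllowedByTitle(memberOfLookalike, allowedTitles)}");
        Console.WriteLine($"id rule,    lookalike member: {GroupAuthz.AllowedById(memberOfLookalike, allowedIds)}");
        Console.WriteLine($"id rule,    intended member:  {GroupAuthz.AllowedById(new[] { intended }, allowedIds)}");

        // Report every title that a title-keyed rule could not tell apart.
        foreach (var (title, groups) in GroupAuthz.TitleCollisions(new[] { intended, lookalike }))
            Console.WriteLine($"ambiguous title '{title}': " +
                string.Join(", ", groups.Select(g => $"{g.Id} (owner {g.Owner})")));
    }
}
```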