BEE websites are identified by the Owner-Service duple, which represents a website (Service) owned by a customer (Owner).  All resources and settings including database platform, location, access right and franchisee (users allowed to run BEE applications on the operating system's shell) are specificed in the Owner-Service table.

A BEE website is defined as a collection of URLs.  In CROFT, you only need to specify the top most (shortest) URL and all paths underneath will have the same resource settings.  You can specify more than one URL even across different virtual servers (on the same physical server), so that they can share the same resource environment.

User login authentication are specified in the Auth table, again identified by the Owner-Service duple.  There is a concept of "realm" in BEE authentication.  For example, user "john" is different from john@sales or john@provider. The password tables of different realms can be at different locations, be encrypted in different ways, or have different access level when accessing the website.

Realm @provider is usually designated for the hosting provider's support staff.  Each support team member should have a logon in Realm @provider, and all websites should allow admin access from @provider.  This arrangement enables the team to login any of websites for support purposes without having to ask the customer for their admin passwords.

There are some default CROFT settings for each Owner-Service, such as the directory structure of its website.  These settings are too sensitive to be allowed in the scheme% class (which the developer would have full control).  The Scheme table is therefore used to store such settings.  Only the provider can alter these settings from CROFT.