In SharePoint 2007 version we can only apply the query time security trimming on BDC Entities, Where in SP 2010 / 2013 you can implement the security trimming in the Crawl time also.
If you wish to trim your SharePoint search results on external system using BCS based on your own logic, there are two approaches:
- CRAWL time security trimming
- QUERY time security trimming
Applying security trimming logic at query level needs to be checked against every item returned from the search query for current user. It’s a very heavy process. When we use NTLM users to apply permission for the individual items in the external system then it’s better to go with CRAWL time security trimming. In the crawl time security trimming approach, you just need an additional column in the external system table which will be used to save the permission details for each item. This will work if you are building a new BCS Model from the scratch. It’s very difficult to apply crawl time security trimming logic in an ongoing complex BCS application. So in that case you can better use query time security trimming approach.
Please refer this article – http://msdn.microsoft.com/en-us/library/gg294169.aspx