Doesn't matter, YOU CAN keep those files separate, just give the following in:
prefix can be say your project name for example and spring's the folder or package where your xml config resources might be ... that way all your bean definitions would be available, I think it is a good practice to keep security config separate ... just a thought.