Key Concepts
.NET security protects code from misuse and damage by other code by enforcing certain restrictions on managed code. Managed code can request the permissions it needs, and security policy (managed by an administrator) can determine whether to allow the code to run. The .NET Framework provides two types of security: code access and role-based.
Before we delve into the details of the .NET security model, it will be helpful to discuss some key concepts. At a high level, .NET security can be divided into five different areas: permissions, authentication and authorization, principal objects, type safety, and security policy.
Permissions
In a .NET application, managed code can do only what the Common Language Runtime (CLR) allows it to. ...
Get Building e-Commerce Sites with the .NET Framework now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
