Imperative Versus Declarative CAS
Just as we saw in the previous chapter on user-based security, CAS can also be implemented in either an imperative or a declarative manner. We will also see shortly that, just as was the case in user-based security, imperative CAS can be implemented using two slightly different approaches.
The first of these imperative approaches involves the explicit use of the Evidence class. This approach is sometimes referred to as explicit evidence-based security, because you explicitly evaluate host and assembly security evidence in making programmatic decisions. The other imperative approach makes use of various permission classes, derived from CodeAccessPermission, that automatically throw a SecurityException where appropriate. ...
Get .NET Security and Cryptography now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
