O'Reilly logo

Professional C# 2008 by Karli Watson, Morgan Skinner, Jay Glynn, Bill Evjen, Christian Nagel

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 20

Security

Security has several key aspects to consider. One is the user of the application. Is it really the user, or someone posing as the user, who is accessing the application? How can this user be trusted? As you will see in this chapter, the user first needs to be authenticated, and then authorization occurs to verify if the user is allowed to use the requested resources.

What about data that is stored or sent across the network? Is it possible that someone accesses this data, for example, by using a network sniffer? Encryption of data is important here.

Yet another aspect is the application itself. How can you trust the application? What is the origin or evidence from the application? This is extremely important, for example, in a Web hosting scenario. A Web hosting provider does not allow its customers to access all resources from the system. Depending on the evidence of the assembly, different permissions for the application apply.

This chapter explores the features available in .NET to help you manage security, including how .NET protects you from malicious code, how to administer security policies, and how to access the security subsystem programmatically. The topics of this chapter are:

  • Authentication and authorization
  • Cryptography
  • Access control to resources
  • Code access security
  • Managing security policies

Authentication and Authorization

Authentication is the process of identifying the user, and authorization occurs afterward to verify if the identified user ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required