Chapter 32. Security in the .NET Framework
WHAT YOU WILL LEARN IN THIS CHAPTER
Concepts and definitions
Permissions
Roles
Principals
Code access permissions
Role-based permissions
Identity permissions
User Access Control (UAC)
Encryption
Hashing
Symmetric Key Encryption
Asymmetric Key Encryption
Digital Signatures
X.509 Certificates
SSL
This chapter covers the basics of security and cryptography. It begins with a brief discussion of the .NET Framework's security architecture, because this affects all the solutions you may choose to implement.
The .NET Framework provides you with best practices, tools, and core functionality with regard to security. You have the System.Security.Permissions namespace, which enables you to control code access permissions along with role-based and identity permissions. Through your code, you can control access to objects programmatically, as well as receive information on the current permissions of objects. This security framework will assist you in determining whether you have permissions to run your code, instead of getting halfway through execution and having to deal with permission-based exceptions.
Cryptography is the cornerstone of the .NET Web Services security model, so the second half of this chapter discusses the basis of cryptography and how to implement it. Specifically, it covers the following:
Hash algorithms
SHA
MD5
Secret key encryption
Public key cryptography standard
Digital signatures
Certification
Secure Sockets Layer communications
Let's begin by looking ...
Get Professional Visual Basic® 2010 and .NET 4 now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
