Chapter 18

Security in the .NET Framework

What's in this chapter?

Concepts and definitions

Permissions

Roles

Principals

Code access permissions

Role-based permissions

Identity permissions

User Access Control (UAC)

Encryption

Hashing

Symmetric Key Encryption

Asymmetric Key Encryption

Digital Signatures

X.509 Certificates

SSL

Wrox.com Code Downloads for this Chapter

The wrox.com code downloads for this chapter are found at www.wrox.com/remtitle.cgi?isbn=9781118314456 on the Download Code tab. The code is in the chapter 18 download and individually named according to the code filenames throughout the chapter.

This chapter covers the basics of security and cryptography. It begins with a brief discussion of the .NET Framework's security architecture, because this affects all the solutions you may choose to implement. Note that this chapter goes into detail on security concepts, which in some cases aren't applicable to applications running under Windows RT. That operating system manages user access and permissions at a different level, and some of the capabilities from the past are simply prohibited.

The .NET Framework provides you with tools, and core functionality with regard to security. You have the System.Security.Permissions namespace, which enables you to manage runtime permissions along with role-based and identity permissions. Through your code, you can control access to objects programmatically, as well as receive information on the current permissions of objects. This security ...