O'Reilly logo

Programming .NET Security by Allen Jones, Adam Freeman

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 10. Role-Based Security

The most significant security enhancement added to the .NET Framework is code-access security, which we discussed in the previous chapters. However, at times it is still necessary to make security decisions based on the user running the code, as opposed to the identity of the code itself. For this purpose, the .NET Framework supports a simple role-based security model. In this chapter, we explain what role-based security is and discuss the .NET Framework's implementation. We describe the classes used to access role-based security and demonstrate how to use them in your programs.

Role-Based Security Explained

Role-based security (RBS) is a common security model in contemporary computing. When users wish to access a computer system, they must first prove their identity—a process known as authentication. Authentication requires the user to provide a set of credentials that uniquely identify him. These credentials are commonly a name and password but could be a physical token, such as a key card, or a biological attribute, such as a thumbprint. The computer system consults an authority to determine if the supplied credentials represent a known user and whether that user should have access to the system. During operation, the system relies on the user's authenticated identity when performing authorization—the process of determining what actions and resources a user has authority to access. A person's authority is expressed in terms of roles. A role is ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required