This chapter describes the security benefits inherent in using the .NET Framework and explains the complementary features of .NET Framework user (or role-based ) security and .NET Framework code-based (or code access ) security. We recommend that you use this chapter as follows :
Understand the two-layered defense provided by the .NET Framework . Rolebased security allows you to control user access to application resources and operations, while code access security can control which code can access resources and perform privileged operations.
Create applications that use the security concepts in this chapter . This chapter tells you when you should use user-based security and when you should use code-based security. After reading this chapter, you will be able to identify how any new applications you create can be more secure by using role-based or codebased security.