Summary

Previous page
Table of content
Next page
for RuBoard

Because the .NET Framework assigns trust to code and not users, evidence about code is a fundamental piece of .NET Framework security. Evidence can be viewed as the credentials for .NET Framework code. Generally, the same .NET application will have the same evidence, regardless of which user executes it.

Evidence is applied to assemblies and app domains. The Common Language Runtime provides default evidence when assemblies are loaded. Hosts can provide evidence for both assemblies and app domains, and assemblies can also provide evidence about themselves . However, assembly evidence does nothing unless security policy recognizes and uses it. Unmanaged hosts can only provide evidence regarding app domains, while managed hosts can provide evidence for app domains and assemblies. Managed hosts can utilize any of the APIs listed in Table 5.1.

As shown in Table 5.2, there are numerous different kinds of default evidence, all of which are located in the System.Security.Policy namespace. However, any object can be used as evidence. Again, though, nondefault evidence types must be recognized by security policy to have an impact.

for RuBoard

Previous page
Table of content
Next page
. NET Framework Security
.NET Framework Security
ISBN: 067232184X
EAN: 2147483647
Year: 2000
Pages: 235
Authors: Brian A. LaMacchia, Sebastian Lange, Matthew Lyons, Rudi Martin, Kevin T. Price
BUY ON AMAZON
Interprocess Communications in Linux: The Nooks and Crannies
Image Processing with LabVIEW and IMAQ Vision
Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More
Practical Intrusion Analysis: Prevention and Detection for the Twenty-First Century: Prevention and Detection for the Twenty-First Century
.NET System Management Services
Cultural Imperative: Global Trends in the 21st Century
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy