Security Attributes

Chapter 14

As a platform for massively distributed operations, the Microsoft .NET Framework must have an adequate security mechanism. We all know that distributed platforms, especially those exposed to the Internet, are the favorite targets of all sorts of pranks and mischief, which can sometimes be very destructive.

The security system of the .NET Framework includes two major components: security policies and embedded security requirements. Security policies are part of the .NET Framework setup and reflect the opinions of the system administrator and the system user regarding what managed applications can and cannot do. Which policies are established can depend in part on the general origin of the application (for example, whether the application resides on the local drive of a machine, is taken from a closed intranet, or comes from the Internet), on the software publisher (for example, whether the system administrator feels differently about applications published by Microsoft or IBM and those published by tailspintoys.com), on the URL specifying the application’s origin, on a particular application, and so forth. Important as they are, these security policies and their definition are beyond the scope of this book, and, with regret, I will forgo a detailed discussion of this topic.

Embedded security requirements are embedded in the applications themselves. Effectively, the embedded security requirements tell the common language runtime which rights an application needs in order to execute. The runtime checks the application’s security requirements against the policy under which the application is executed and decides whether it’s a go or a no-go.

Embedded security requirements are of two kinds: imperative security, which is part of the application's code, and declarative security, which is part of the application's metadata. Imperative security explicitly describes the operations necessary to perform a security check, for example, calling a method to query the runtime whether the application is given a certain right. Declarative security is a set of security attributes assigned to certain metadata items (the assembly as a whole or a certain class or method). Each of these attributes describes the rights that the corresponding item needs in order to be loaded and executed.
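The two kinds side by side, as an added example in C# that is not code from the book: the same file-read permission is demanded once imperatively and once declaratively. It assumes the .NET Framework (code access security is not supported on .NET Core and later); `ReportReader`, its methods, and the path `C:\SampleData` are hypothetical names constructed for illustration.

```csharp
using System;
using System.IO;
using System.Security;
using System.Security.Permissions;

public static class ReportReader
{
    // Constructed sample directory (assumption, not from the book).
    private const string DataDir = @"C:\SampleData";

    // Imperative security: the check is ordinary code in the method body,
    // so the demanded path can be computed at run time.
    public static string ReadImperative(string name)
    {
        // Keep only the file name so the demand covers a file inside DataDir.
        string path = Path.Combine(DataDir, Path.GetFileName(name));
        new FileIOPermission(FileIOPermissionAccess.Read, path).Demand();
        return File.ReadAllText(path);
    }

    // Declarative security: the requirement is a security attribute that the
    // compiler stores in the method's metadata. Its argument must be a
    // compile-time constant, so it names the whole directory.
    [FileIOPermission(SecurityAction.Demand, Read = DataDir)]
    public static string ReadDeclarative(string name)
    {
        return File.ReadAllText(Path.Combine(DataDir, Path.GetFileName(name)));
    }

    public static void Main()
    {
        try
        {
            Console.WriteLine(ReadImperative("report.txt"));
            Console.WriteLine(ReadDeclarative("report.txt"));
        }
        catch (SecurityException ex)
        {
            // The policy in effect does not grant the demanded right.
            Console.WriteLine("Denied by policy: " + ex.Message);
        }
        catch (IOException ex)
        {
            // The demand passed, but the sample file is not present.
            Console.WriteLine("Permission granted, I/O failed: " + ex.Message);
        }
    }
}
```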

This chapter concentrates on declarative security because it is an important part of metadata and because you need to know how it is defined in IL assembly language (ILAsm). Besides, I have a feeling that many aspects of imperative security, and even security policies, can be deduced from an analysis of declarative security.



Inside Microsoft .NET IL Assembler
ISBN: 0735615470
EAN: 2147483647
Year: 2005
Pages: 147
Authors: SERGE LIDIN
