Summary

In this chapter we explained the major concepts behind CAS and the range of possible security risks that CAS can address. We considered how security is enhanced by way of the execution environment provided by the CLR and the verifiably type-safe nature of .NET managed code. We investigated security policy management and the use of code access permission classes by creating and then denying or demanding those permissions. We also investigated how to implement imperative and declarative CAS and how to manage security using the .NET Framework Configuration Tool and the Caspol.exe utility. Finally, we saw how to define a permission set in an XML application configuration file to enhance the flexibility of application security management.