Chapter 10: Securing Your Application for Deployment

Overview

Key concepts in this chapter are:

• Using various techniques to deploy applications and components

• Signing applications with Authenticode and strong-name signatures

• Granting applications more permissions by modifying security policy

• Deploying .NET code-access security updates

• Protecting your code through obfuscation

In this chapter, you’ll learn about techniques you can use to secure your Microsoft Visual Basic .NET applications and components for deployment. This includes techniques for securing your setup deployment package and the Visual Basic .NET application (and components) contained within the setup package. If you are distributing your software over a nonsecure deployment medium such as the Internet, you should take one or more of the following measures to secure your application for deployment:

• Certify yourself as the publisher of the software There should be no doubt the software was published by you and not an imposter. Later you will learn about Authenticode signing as a way of certifying yourself as the publisher of the software.

• Protect your software from being modified The integrity of your software should not be compromised in any way. You can use strong-name signing (described later) as a means of guaranteeing the integrity of your software.

• Restrain your software from performing destructive actions Your software should not be allowed to perform any destructive actions even if the software attempts to do so. In the next section, you’ll learn which deployment techniques provide the most restraint over your code by means of the .NET code-access security system.

The deployment techniques described in the next section should help you decide which of the above measures you need to take. Let’s take a look at those techniques.