Summary


This chapter has shown you how to use role-based security to keep your system secure—at least to a point. I hope you also noticed all of the tips, caveats, and warnings telling you that role-based security isn’t perfect. I don’t imagine any system can provide perfect security so long as you need to address the peculiar behavior of some users. In addition to all of the new programming techniques you’ve learned, you should also realize that constant monitoring and vigilance are the only tools that actually keep your system safe. Once a security breach occurs, you must act quickly to seal it or suffer the consequences.

The number one problem that this chapter doesn’t solve is the issue of setting up roles and implementing the security. Sure, you can write a program right now that will contain role-based security and provide your application with everything it needs to keep crackers at bay. However, that’s the coding side of the issue and it’s not enough to keep your system safe. If you really want to make your application safe, you also need to spend time setting up roles that make sense for your application and add human safeguards into the equation. Consequently, before you write one line of code, you need to create a security plan. The plan has to include everything you want to add to your application or the security system simply won’t work.

Chapter 5 discusses two important topics: code groups and security policies. You’ll learn that code groups are specific to code access security, but that security policies affect both role-based and code access security. The important issue in this chapter is the idea of security documentation. A code group and a security policy define security. It’s like writing down the goals of a security measure so that the implementation is consistent throughout a particular range of resources, machines, users, and groups.




.NET Development Security Solutions
ISBN: 0782142664
EAN: 2147483647
Year: 2003
Pages: 168
