Code Access Security: In Pictures


This section is a brief outline of the core elements of code access security in the .NET CLR. It is somewhat high-level and is no replacement for a full, in-depth explanation, such as that available in .NET Framework Security (details in the bibliography), but it should give you an idea of how CAS works, as well as introduce you to some of the terms used in this chapter.

Rather than going into detail, I thought I would use diagrams to outline a CAS-like scenario: checking out a book from a library. In this example, Carol wants to borrow a book from a library, but she is not a member of the library, so she asks her friends, Vicky and Sandy, to get the book for her. Take a look at Figure 18-1.


Figure 18-1. Carol requests a book from the library; she does so by asking her friends.

Life is not quite as simple as that; after all, if the library gave books to anyone who walked in off the street, it would lose books to unscrupulous people. Therefore, the books must be protected by some security policy: only those with library cards can borrow books. Unfortunately, as shown in Figure 18-2, Carol does not have a library card.


Figure 18-2. The library's policy is enforced and Carol has no library card, so the book cannot be loaned.

Unbelievably, you just learned the basics of CAS! Now let's take this same scenario and map CAS nomenclature onto it, beginning with Figure 18-3.


Figure 18-3. The library's policy enforcement in CAS terms.

Finally, in the real world, there may be ways to relax the system to allow Carol to borrow the book, but only if certain conditions, required by Vicky and Sandy, are met. Let's look at the scenario in Figure 18-4, but add some modifiers, as well as what these modifiers are in CAS.


Figure 18-4. Mapping real-world requests to a security system to make it useful.

As I mentioned, this whirlwind tour of CAS is intended only to give you a taste for how it works, but it should provide you with enough context for the rest of this chapter.
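
The library scenario can be written down as a toy model of a CAS-style stack walk. This is an added illustration, not code from the book, and it does not use the .NET API. The caller order (Carol asks Vicky, who asks Sandy), the `LibraryCard` permission name, and the use of an assertion as the relaxing modifier are assumptions.

```python
from dataclasses import dataclass, field

LIBRARY_CARD = "LibraryCard"  # hypothetical permission name for the analogy

@dataclass
class Frame:
    """One caller on the stack and the permissions it was granted."""
    name: str
    granted: frozenset = frozenset()
    asserted: set = field(default_factory=set)

    def assert_permission(self, perm):
        # A caller can only vouch for a permission it holds itself.
        if perm not in self.granted:
            raise PermissionError(f"{self.name} cannot assert {perm}")
        self.asserted.add(perm)

def demand(stack, perm):
    """Walk from the nearest caller outward; return the first caller that
    lacks perm, or None if the demand succeeds."""
    for frame in reversed(stack):
        if perm not in frame.granted:
            return frame.name
        if perm in frame.asserted:
            return None  # assertion ends the walk; outer callers are not checked
    return None

def borrow_book(stack):
    """The library demands a card from every caller before lending."""
    failed = demand(stack, LIBRARY_CARD)
    if failed is not None:
        raise PermissionError(f"loan refused: {failed} has no {LIBRARY_CARD}")
    return "book loaned"

def build_stack():
    # Constructed scenario, outermost caller first: Carol asks Vicky, who asks Sandy.
    card = frozenset({LIBRARY_CARD})
    return [Frame("Carol"), Frame("Vicky", card), Frame("Sandy", card)]

if __name__ == "__main__":
    stack = build_stack()
    print(demand(stack, LIBRARY_CARD))        # Carol fails the walk
    stack[1].assert_permission(LIBRARY_CARD)  # Vicky vouches for the request
    print(borrow_book(stack))
```

Once Vicky asserts, Carol is never checked, so the asserting caller takes on responsibility for whatever request it passes along.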



Writing Secure Code, Second Edition
ISBN: 0735617228
EAN: 2147483647
Year: 2001
Pages: 286
