Chapter 5. Evidence: Knowing Where Code Comes From

for RuBoard

By Matthew Lyons

IN THIS CHAPTER

  • Evidence Explained

  • Different Sources of Evidence

  • Evidence and the Base Class Library

As explained in Chapter 4, " User - and Code-Identity “Based Security: Two Complimentary Security Paradigms," code identity security is the basis of the security system in the .NET Framework. However, what does it really mean for some program to have an identity? How can the system assign identity to a given piece of code? These are the fundamental questions that this chapter addresses.

Users generally have a username and password to authenticate themselves to a computer, but that authentication process is active. That is, users log on by typing in their names and passwords. However, code for the .NET Framework cannot simply take an active part in authenticating itself. Instead, a trusted piece of the system must provide identification on behalf of code written on the .NET Framework. That is where evidence comes into play.

This chapter will cover:

  • What evidence is and how it is assigned to code

  • Different sources of evidence

  • Evidence classes used in the .NET Framework base class library

for RuBoard


. NET Framework Security
.NET Framework Security
ISBN: 067232184X
EAN: 2147483647
Year: 2000
Pages: 235

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net