Declarative and Imperative Security


As you can see, there are several different uses of permissions in the .NET Framework. Because of the wide range of uses, there are two different ways to express security actions: declaratively and imperatively. Listing 6.2 shows the same permission demand expressed in both forms.

Listing 6.2 Declarative and Imperative Forms of the Same Permission Demand
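    using System.Security.Permissions;

    // Declarative form: the demand is an attribute stored in metadata
    [FileIOPermission(SecurityAction.Demand, Read=@"C:\Payroll.doc")]
    public void MyMethod()
    {
    }

    // Imperative form: the demand is a call compiled into the method's IL
    public void MyMethod()
    {
        new FileIOPermission(FileIOPermissionAccess.Read, @"C:\Payroll.doc").Demand();
    }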

The primary difference between imperative and declarative forms of security actions is that declarative forms are stored in an assembly's metadata, while imperative forms are stored in IL. JIT-time security actions (for example, LinkDemands and InheritanceDemands) and assembly-level permission requests can only be expressed in declarative forms because no IL is executing when they occur. All other security actions can be expressed in both forms.

Declarative security has several advantages over imperative security:

  • All security actions can be expressed in declarative form; this is not true of the imperative form.

  • Declarative security actions can be easily, statically reviewed on assemblies because they are stored in metadata. Understanding imperative security actions requires reading an assembly's IL and simulating execution, which is much more difficult.

  • Declarative security actions expressed on methods will occur at the very beginning of the method. This eliminates the possibility of performing security checks too late in program logic. If protected resources are accessed before imperative security checks are performed, it is possible that, among other things, data will be leaked to the client.

  • Declarative security actions can be placed at the class level. When this is done, the security action applies to every method, constructor, and property in the class. Imperative checks can only occur at the place where they are written in the source code.

Imperative security has a couple of advantages over declarative security:

  • More complex security logic can be used in method bodies with imperative security. For instance, different conditional branches can perform different security actions.

  • For resources that are accessed with dynamic parameters, such as file paths, security actions can only be constructed dynamically by using imperative security. Declarative security must work with permissions that are statically included in an assembly's metadata.
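
The following is an added example, not a listing from the book: it puts a class-level declarative demand next to an imperative demand built from a run-time path, with the demand placed before a cache lookup so that a cache hit cannot return data unchecked. The PayrollReader and DocumentCache classes and the temporary sample file are assumptions made for illustration, and the code targets the .NET Framework 2.0 or later.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Security.Permissions;

// Declarative, class level: the demand runs on entry to every method,
// constructor and property. The path is fixed in the assembly's metadata.
[FileIOPermission(SecurityAction.Demand, Read = @"C:\Payroll.doc")]
public class PayrollReader   // hypothetical class
{
    public string ReadAll() { return File.ReadAllText(@"C:\Payroll.doc"); }
}

// Imperative: the path is only known at run time, so the permission
// object has to be built inside the method body.
public class DocumentCache   // hypothetical class
{
    private readonly Dictionary<string, string> cache =
        new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase);

    public string Read(string callerPath)
    {
        // Canonicalize first so the demand and the cache key name the same file.
        string fullPath = Path.GetFullPath(callerPath);

        // Demand before touching the cache. Placed after the lookup, a cache
        // hit would hand back file contents without any stack walk.
        new FileIOPermission(FileIOPermissionAccess.Read, fullPath).Demand();

        string text;
        if (!cache.TryGetValue(fullPath, out text))
        {
            text = File.ReadAllText(fullPath);
            cache[fullPath] = text;
        }
        return text;
    }
}

public static class Program
{
    public static void Main()
    {
        string path = Path.GetTempFileName();    // constructed sample input
        File.WriteAllText(path, "sample");
        DocumentCache docs = new DocumentCache();
        Console.WriteLine(docs.Read(path));      // demand, then disk read
        Console.WriteLine(docs.Read(path));      // demand, then cache hit
        File.Delete(path);
    }
}
```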



.NET Framework Security
ISBN: 067232184X
EAN: 2147483647
Year: 2000
Pages: 235
