Chapter Summary

‚   ‚  


In this chapter, you learned about some of the security features that you can apply to server-side and distributed applications.

KEY TERMS

  • Authentication

  • Authorization

  • Code Access Security

  • Code group

  • Configured assembly

  • Declarative security

  • Imperative security

  • Impersonation

  • Permission

  • Permission set

  • Role-based security

The .NET Framework also includes two complete security systems configurable by administrators. Code access security controls the access of code to sensitive resources. Code can determine exactly which resources it requires or would like, and administrators can determine exactly which resources to make available. The Common Language Runtime checks to see whether the requested resources are available before it enables your code to run.

Role-based security allows you to make decisions in your code based on the user who is currently logged on. You can check for a particular username or for membership in a built-in or custom Windows group, and make decisions accordingly .

Security in ASP.NET revolves around authentication and authorization. You can choose from several authentication providers, including Windows, forms, and Passport authentication. After you've authenticated a user, you can authorize her access to resources.

Windows services, Web services, Remoting, and Enterprise Services each share in the overall .NET security framework, but they each have their own particular security issues. With Windows services, you need to consider carefully the account under which the service will run. With Web services, you must decide how much authentication you need and configure IIS to provide that authentication. With a Remoting server, you must balance the security and performance needs of your application in choosing a host process. With a serviced component, you may choose to use COM+ roles to manage all of your security.


‚   ‚  
Top


MCAD. MCSD Training Guide (Exam 70-310. Developing XML Web Services and Server Components with Visual Basic. NET and the. NET Framework)
MCAD/MCSD Training Guide (70-310): Developing XML Web Services and Server Components with Visual Basic(R) .NET and the .NET Framework
ISBN: 0789728206
EAN: 2147483647
Year: 2002
Pages: 166

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net