The .NET Framework is a flexible general-purpose computing platform designed to address the needs of commercial organizations and individuals alike, and to support a variety of application models. .NET supports recent trends that favor highly distributed systems, component-based applications, and web-based server solutions (including XML web services). Although these trends have led to improvements in application functionality and programmer productivity, they also require that software consumers, producers, and service providers pay closer attention to software and system security.
Traditionally, programmers have treated security as an afterthought; however, there is a growing appreciation that security is a requirement, not an option, for contemporary applications and that security should be integrated into their development. The simple fact is that you cannot ignore security when developing a .NET application, because security is at the core of the .NET Framework and implicit in applications that you write. You must understand how to program .NET security, if for no other reason than to respond to the default actions of the .NET Framework, but more importantly, to create effective and functional .NET applications that will be welcomed by their users.