Chapter 16. Security

Application Development Using Visual Basic and .NET
By Robert J. Oberg, Peter Thorsteinson, Dana L. Wyatt
Part 6.  .NET Applications


Security prevents a user or a piece of code from doing things it should not be allowed to do. Traditionally, security has focused on restricting operations based on the identity of the user or the group to which the user belongs. Naturally, this approach is supported by .NET, and it is known as user-based security (a closely related concept, role-based security, is also discussed later in this chapter). .NET also allows you to place restrictions on what a piece of code is permitted to do according to the security evidence associated with that code. This newer approach is known as Code Access Security (also known as evidence-based security). For example, you can prevent certain code from accessing certain files based on permissions relating to who digitally signed the code, or based on the location from which the code originated. This is particularly useful when you have public Web sites or services where it is impractical to create user accounts, and to lock down files or other resources, for a large set of unknown users. Code Access Security is critical when you are executing code that may attempt to invoke functionality in other code created by third parties that you may or may not know or trust, and it is particularly useful for defending against malicious mobile code.

.NET security sits on top of the underlying operating system's security system. For the purposes of this chapter, the underlying operating system is assumed to be Windows 2000. While we will discuss some security issues associated with the underlying infrastructure, including Microsoft's Internet Information Server (IIS), we will only go into details on those aspects of security that are relevant to .NET security.

Code always runs under some identity, or in other words, as some user ID. For example, irrespective of the .NET file-creation security permissions that may be in effect, if the underlying Win32 Access Control List (ACL) denies you the right to create a file, you will not be able to create it.

User-based security always starts with two questions. The first is the authentication question and the second is the authorization question:

  1. Authentication: Who are you?

  2. Authorization: Are you permitted to do what you are attempting to do?

Code access security has to answer the same two basic questions as user-based security; however, the "you" in these questions refers to an assembly identity rather than a user identity.
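The following VB.NET module is an added example, not code from the book; it puts the two kinds of check side by side. The user-based check answers "who are you?" with the current Windows logon token and "are you permitted?" with a role test; the code access check asks the same two questions of the calling assembly by demanding a FileIOPermission, which succeeds or fails according to the permissions the assembly's evidence earned it; and the final routine shows that passing the code access check does not override the Win32 ACL, which is still enforced under the user's identity. It assumes the .NET Framework on Windows; the file path is a constructed placeholder, and the helper names are this example's own.

```vb
' Added example (not from the book): user-based security and code access
' security checks side by side, followed by the underlying OS ACL check.
Imports System
Imports System.IO
Imports System.Security
Imports System.Security.Permissions
Imports System.Security.Principal

Module SecurityDemo

    ' User-based security: authentication comes from the Windows logon token
    ' (WindowsIdentity), authorization from a role test on the principal.
    Public Function UserIsAdministrator() As Boolean
        Dim identity As WindowsIdentity = WindowsIdentity.GetCurrent()
        Dim principal As New WindowsPrincipal(identity)
        Console.WriteLine("Running as: " & identity.Name)
        Return principal.IsInRole(WindowsBuiltInRole.Administrator)
    End Function

    ' Code access security: Demand walks the call stack and throws
    ' SecurityException if any caller's assembly was not granted write
    ' access to this path by the security policy applied to its evidence.
    Public Function CodeMayWrite(ByVal path As String) As Boolean
        Dim perm As New FileIOPermission(FileIOPermissionAccess.Write, path)
        Try
            perm.Demand()
            Return True
        Catch ex As SecurityException
            Console.WriteLine("Code access denied: " & ex.Message)
            Return False
        End Try
    End Function

    ' Even when the code access check passes, the Win32 ACL on the file is
    ' still evaluated against the current user identity. That failure
    ' surfaces as UnauthorizedAccessException, not SecurityException.
    Public Function TryCreateFile(ByVal path As String) As Boolean
        If Not CodeMayWrite(path) Then Return False
        Dim stream As FileStream = Nothing
        Try
            stream = File.Create(path)
            stream.WriteByte(0)
            Return True
        Catch ex As UnauthorizedAccessException
            Console.WriteLine("OS ACL denied: " & ex.Message)
            Return False
        Finally
            If Not stream Is Nothing Then stream.Close()
        End Try
    End Function

    Sub Main()
        ' Constructed placeholder path; choose one whose ACL you want to test.
        Dim path As String = "C:\Windows\demo-placeholder.txt"
        Console.WriteLine("Administrator: " & UserIsAdministrator().ToString())
        Console.WriteLine("Created: " & TryCreateFile(path).ToString())
    End Sub

End Module
```

Run it twice, once as an ordinary user and once elevated, and compare which of the two denials you see: code that is fully trusted (the usual case for an assembly loaded from the local machine) always passes the Demand, so the ACL is the check that actually stops the ordinary user. Note that from .NET Framework 4 onward the machine-wide code access policy is off by default, so Demand is evaluated only against the grant set of the application domain; the book's description applies to the policy model of .NET Framework 1.x.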

In this chapter we will focus on how to implement user-based security and code access security. Other related aspects of security that will be discussed in this chapter are role-based security, IIS security, ASP.NET Web application security, administrative security policy management, and certain security utility tools.




Year: 2002
Pages: 190
