Chapter 3: Code-Access Security


Overview

Key concepts in this chapter are:

  • Handling security-related code-access violations

  • Running applications in different security zones

  • Modifying code to work within the bounds of different security zones

  • Using isolated storage in place of traditional file I/O

What is code-access security—or CAS, as it’s affectionately called? Code-access security is designed to protect applications and components in shared environments—such as your local network or the Internet—from the following risks:

  • Inadvertently or intentionally damaging or destroying sensitive data

  • Crippling the computer on which the code is running by consuming all available resources, such as all available memory or disk space—an event known as a denial of service (DoS) attack

  • Allowing calling code or attackers to intentionally or unintentionally elevate their privileges to perform actions such as viewing sensitive user information stored on the computer where the code is running—an event known as a luring attack

Take, for example, a chart component that shows stock price history embedded within a stock-trading Web page. Do you want to give free rein to the component to do whatever it wants to your computer, such as delete arbitrary files? Probably not. You want to be assured that the component can perform only safe activities such as show a graph of stock prices, and that it won’t delete your personal files or transfer personal information back to the Web server as it shows you a cool graph. Moreover, you want to be assured that if a component attempts to perform an unsafe action the code-access security system will step in and prevent the action from happening. In addition, you want to be assured an untrusted application that calls a method on your component can’t force the component to do bad things—things the calling application itself is not allowed to perform. For example, you don’t want an application calling the SaveChart method of your Chart control passing the path and filename of an existing system file or personal file, which gets overwritten (destroyed) by the call. The code-access security system should detect that an untrusted caller is attempting to call a method that it has no business calling, issue a security exception, and prevent the action from taking place.
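The SaveChart scenario above, as an added illustration that is not the book's own code: a hypothetical Chart class demands FileIOPermission for the target path before writing, so the runtime's stack walk rejects the call whenever any caller on the stack lacks that permission. The Deny call in the demo stands in for an untrusted caller; it is assumed to run on .NET Framework 1.x/2.0-era CAS, where Deny is still supported.

```vbnet
Imports System
Imports System.IO
Imports System.Security
Imports System.Security.Permissions

' Hypothetical Chart component (added example, not the book's code).
Public Class Chart
    Private ReadOnly _prices() As Double

    Public Sub New(ByVal prices() As Double)
        _prices = prices
    End Sub

    Public Sub SaveChart(ByVal fileName As String)
        Dim fullPath As String = Path.GetFullPath(fileName)
        ' Demand walks the whole call stack: every caller must hold write
        ' permission for this exact path, or the runtime throws
        ' SecurityException before any file is touched.
        Dim writeTo As New FileIOPermission(FileIOPermissionAccess.Write, fullPath)
        writeTo.Demand()
        Dim writer As New StreamWriter(fullPath, False)
        Try
            Dim i As Integer
            For i = 0 To _prices.Length - 1
                writer.WriteLine(_prices(i))
            Next
        Finally
            writer.Close()
        End Try
    End Sub
End Class

Module Demo
    Sub Main()
        Dim chart As New Chart(New Double() {10.5, 11.2, 10.9})
        ' Constructed target inside the temp folder, not a real system file.
        Dim target As String = Path.Combine(Path.GetTempPath(), "chart.txt")

        ' Simulate a caller without write access by placing a Deny on the
        ' stack; the Demand inside SaveChart then fails and nothing is written.
        Dim noWrite As New FileIOPermission(FileIOPermissionAccess.Write, target)
        noWrite.Deny()
        Try
            chart.SaveChart(target)
        Catch ex As SecurityException
            Console.WriteLine("SaveChart blocked: " & ex.Message)
        Finally
            CodeAccessPermission.RevertDeny()
        End Try

        chart.SaveChart(target) ' no Deny on the stack: the file is written
    End Sub
End Module
```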

The purpose of code-access security is to permit only actions considered to be safe—or put another way, to prevent actions considered to be unsafe. How does code-access security determine which actions are safe or unsafe? And how does code-access security prevent harmful code from executing?


Security for Microsoft Visual Basic .NET
ISBN: 735619190
Year: 2003
Pages: 168