Last modified on 28 July 2009, at 21:14

Visual Basic .NET/Security

There are two types of security in .NET

  • Code Access Security - security access that a program may have, independent of the user
  • Role-based Security - security access that a particular user account has

PermissionEdit

A Permission is the ability to do something, for example delete a file.

There are three sorts of permission:

  • Code access permission - access to a resource or ability to perform an operation. E.g. Access to a file, ability to delete a file
  • Identity permission -
  • Role-based security permission - whether a user is a particular user, or belongs to a particular user group. e.g. a successful login.

Type safetyEdit

Type safety in the .NET security context refers to the permissions that computer programs (rather than users) have, in particular it indicates how much of the computer's memory it can access. A program that is verifiably type safe can only access memory related to itself, and only in the correct manner. It is an advantage to write verifiably type safe programs because they won't trigger those annoying confirmation messages in Windows Vista, and users are more likely to download them because they are much less likely to be malware.

EvidenceEdit

Evidence is a piece of information, e.g. a password, electronic signature or certificate, that the framework uses to establish what permissions are available to the user or program.

Identities, Roles and PrincipalsEdit

An Identity is analagous to a user account. A Role is similar to a user group (e.g. "Administrator"). A Principal is something like the concept of "the currently logged in user". It represents the totality of the access currently available to the program from the combination of code access security and the Identity and Role being used. The Principal is the computer program, acting on the user's behalf. Different identities can also used by the Principal, through impersonation. e.g. a website might perform file operations that the user of the website might not be allowed to perform directly.