Introducing the Microsoft .NET Platform • Chapter 1 13
It sounds worse than it really is. Essentially this is a system of security policies that can be set by an administrator to allow certain levels of access based on the component’s assembly information. The policies are set at three levels: the enterprise, the individual machine, and the user.
Calls to .NET Framework methods in the Base Class Library get the benefits of built-in security. That is, the developer doesn’t have to make explicit security calls to access system resources. However, if your components expose interfaces to protected resources, you will be expected to take the appropriate security measures.
Role-based security plays a part in the .NET security scheme. Many applications need to restrict access to certain functions or resources based on the user, and .NET introduces the concepts of identities and principals to incorporate these functions.
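As an added illustration (not code from the book), the C# sketch below shows a component that exposes a protected resource checking the caller's identity and role through the current principal before releasing it. `PayrollService`, the `PayrollAdmin` role, and the sample users are hypothetical names chosen for the example.

```csharp
using System;
using System.Security;
using System.Security.Principal;
using System.Threading;

// Hypothetical component guarding a protected operation (illustrative names).
public sealed class PayrollService
{
    private const string RequiredRole = "PayrollAdmin"; // assumed role name

    public string ReadSalaryReport()
    {
        IPrincipal caller = Thread.CurrentPrincipal;

        // Fail closed: a missing principal or an unauthenticated identity is rejected.
        if (caller == null || caller.Identity == null || !caller.Identity.IsAuthenticated)
            throw new SecurityException("Caller is not authenticated.");

        // Authorization: the principal answers the role question for its identity.
        if (!caller.IsInRole(RequiredRole))
            throw new SecurityException(
                "Caller '" + caller.Identity.Name + "' lacks role " + RequiredRole + ".");

        return "salary report for " + caller.Identity.Name;
    }
}

public static class Demo
{
    private static void RunAs(string user, string[] roles)
    {
        // GenericIdentity with a non-empty name reports IsAuthenticated == true.
        Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity(user), roles);
        try
        {
            Console.WriteLine("ALLOW " + new PayrollService().ReadSalaryReport());
        }
        catch (SecurityException ex)
        {
            Console.WriteLine("DENY  " + ex.Message);
        }
    }

    public static void Main()
    {
        RunAs("alice", new[] { "PayrollAdmin" }); // constructed sample users
        RunAs("bob", new[] { "Employee" });
        RunAs("", new string[0]);                 // empty name: unauthenticated identity
    }
}
```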
Authentication and authorization functions are accessed through a single API. It can easily be extended to incorporate application-specific logic as required. Authentication methods include basic operating system user identification, basic HTTP, ASP.NET forms, Digest and Kerberos, as well as the new .NET service, Microsoft .NET Passport.
Isolated storage is a special area on disk assigned to a specific assembly by the security system. No access to other files or data is allowed, and assemblies using isolated storage are separated from one another. Isolated storage can be used for saving a component’s state or settings, and can be used by components that do not have access to read and write files on the system.
A robust set of cryptographic functions that supports encryption, digital signatures, hashing, and random-number generation is included in the .NET Framework. These are implemented using well-known algorithms, such as RSA, DSA, Rijndael/AES, Triple DES, DES, and RC2, as well as the MD5, SHA1, SHA-256, SHA-384, and SHA-512 hash algorithms. Additionally, the XML Digital Signature specification, under development by the Internet Engineering Task Force (IETF) and the World Wide Web Consortium (W3C), is also available. The .NET Framework uses these cryptographic functions to support various internal services. The cryptographic objects are also available in the Base Class Library for developers who require this functionality.