Paradoxal Press




Category: Programming
Level: Beginner to seasoned
900 pages
ISBN-10 097661322-0
ISBN-13 978-097661322-0
$59.99 USA
$79.99 CANADA


Chapter 6: Security





Table of contents:

Introduction to Code Access Security (CAS)
       What is mobile code?
       CAS: The big picture
       Granting permissions to the code of an assembly
       Checking of permissions while running the code of an assembly

CAS: Evidences and permissions
       What is an evidence?
       Standard kind of evidences presented by the .NET framework
       Who is supplying evidences?
       Permissions
       Standard permissions
       Identity permissions
       Security permissions (meta-permissions)
       Custom permissions

CAS: Granting permissions from evidences by applying security policies
       Security policy levels
       Dissecting a security policy
       Algorithm used to apply a security policy
       Default security policy configuration
       Configuring security policies

CAS: The FullTrust permission

CAS: Imperative permission check from the source code
       The CodeAccessPermissions and PermissionSet classes
       The Demand() method
       The Deny() RevertDeny() PermitOnly() and RevertPermitOnly() methods
       The Assert() and RevertAssert() methods
       The FromXml() and ToXml() methods
       The System.Security.IPermission interface

CAS: Declarative permissions check using attributes
       Attributes to tweak the granted permissions set while loading an assembly
       Imperative vs. Declarative

CAS: Facilities to test and debug your mobile code

CAS: The isolated storage permission

.NET, Windows users and roles
       Introduction to Windows security
       The IIdentity and IPrincipal interfaces
       Windows Security Identifiers (SID)
       Impersonating the underlying Windows thread

.NET and access control to Windows resources
       Introduction to Windows access control
       Using specific SDs from .NET code
       Using generic SDs from .NET code

.NET and roles
       Defining the principal policy of an AppDomain
       Checking if a user belongs to a particular role
       COM+ roles

.NET and cryptography: symmetric algorithms
       Brief introduction to symmetric algorithms
       The .NET framework and symmetric algorithms

.NET and cryptography: asymmetric algorithms (public/private keys)
       Brief introduction to asymmetric algorithm
       Introduction to secure sessions
       The RSA algorithm
       Asymmetric algorithm and digital signature
       The .NET framework and the RSA algorithm

The Data Protection API (DPAPI)
       The Data Protection API of Windows
       The System.Security.Cryptography.ProtectedData class
       The System.Security.Cryptography.ProtectedMemory class
       The System.Security.SecureString class
       Protect data in your configuration files
       Securing data carried on a network

Authenticating your assemblies with the Authenticode technology and X.509 certificates
       Authenticode vs. Strong names
       Certificates and Certificate Authorities
       Root certificates
       Windows, .NET and the Authenticode technology



Copyright Patrick Smacchia 2006 2007