Introducing Code Access Security
codes, both from known and unknown sources, are a threat to any computer that
has access to Internet. You are prone to get the malicious codes through e-mail,
or when you download documents, or even when you are just surfing the Internet.
Though the secured system of allotting a user name and a password for accessing
all the resources, many times this method has proved to be faulty and not secure,
as intentional hackers can hack the username and password without even the knowledge
of the legitimate users. Subsequently the username and the password can be used
either to tamper the data or to steal valuable information.
avoid the possible security breach, there is one system called Code Access
· Granting permissions and rights to access various resources including access to computer.
· Involves a well-defined security policy that can be configured or customised to meet to your requirement. Various permission levels can be assigned to a set of codes and there by maintaining a well secured configuration.
· When an important or a sensitive set of codes are to be executed, then the system will ask for permission of an authorised official - in other words, only a person who holds a specific permission or role alone can run the codes to get the desired results.
· Various levels of permissions can be granted to various persons using the system and the same can be customised based on the prevailing security policy of the organization.
· A provision is made available with which you can configure your system to ask for a specific permission whenever a code is executed.
· Various levels of restriction can be introduced at code level itself that can make the system to cross check whether the person permitting the running of code is really authorised to do so or not.
You can make use of the concepts employed in Code Access Security to develop applications for any real-time runtime environment. Few of the concepts that are widely used are:
Writing type-safe code: With this the original source-codes can be secured and you can make only a compiled runtime version alone capable of running in real-time environment.
Imperative and declarative syntax: You can make use of declarative and essential calls and be able to customise your triggers and again the triggers can be made to get execute a set of pre-defined codes that too with only correct permission levels. With such a facility you can fully secure your data and system from external threats.
Making your code to run or getting executed only with a permission: You can fully configure your application to evaluate the configured permission levels and ensure that your codes are run only by authorised persons and none other.
secure class libraries: With the help of class libraries you can customise and
specify your various permission levels that are required for access to data and
to the codes, and you will be able to employ the permissions globally in the entire
to our mailing list and receive new articles Note
: We never rent, trade, or sell my email lists to Visit
.NET Programming Tutorial Homepage ______________________________________________________
to our mailing list and receive new articles
: We never rent, trade, or sell my email lists to
Visit .NET Programming Tutorial Homepage