Chapter 21. Security

In this chapter, we discuss the two main components of .NET security:

  • Permissions

  • Cryptography

Permissions, in .NET, provide a layer of security independent of that imposed by the operating system. Their job is twofold:


Limiting the kinds of operations that partially trusted .NET assemblies can perform


Limiting who can do what

The cryptography support in .NET allows you to store or exchange high-value secrets, prevent eavesdropping, detect message tampering, generate one-way hashes for storing passwords, and create digital signatures.

The types covered in this chapter are defined in the following namespaces:


In Chapter 15, we covered isolated storage, which serves another useful role in a secure environment.


The Framework uses permissions for both sandboxing and authorization. A permission acts as a gate that conditionally prevents code from executing. Sandboxing uses code access permissions; authorization uses identity and role permissions.

Although both follow a similar model, they feel quite different to use. Part of the reason for this is that they typically put you on a different side of the fence: with code access security, you’re usually the untrusted party; with identity and role security, you’re usually the untrusting party. Code access security is most often forced upon you by the CLR or a hosting environment such as ASP.NET ...

Get C# 5.0 in a Nutshell, 5th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.