
This is the Title of the Book, eMatter Edition
Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.
939
Chapter 17
CHAPTER 17
Security
17.0 Introduction
There are many ways to secure different parts of your application. The security of
running code in .NET revolves around the concept of Code Access Security (CAS).
CAS determines the trustworthiness of an assembly based upon its origin and the
characteristics of the assembly itself, such as its hash value. For example, code
installed locally on the machine is more trusted than code downloaded from the
Internet. The runtime will also validate an assembly’s metadata and type safety
before that code is allowed to run.
There are many ways to write secure code and protect data using the .NET Frame-
work. In this chapter, we explore such things as controlling access to types, encryp-
tion and decryption, random numbers, securely storing data, and using programmatic and
declarative security.
17.1 Controlling Access to Types in a Local Assembly
Problem
You have an existing class that contains sensitive data and you do not want clients to
have direct access to any objects of this class. Instead, you want an intermediary
object to talk to the clients and to allow access to sensitive data based on the client’s
credentials. What’s more, you would also like to have specific queries and modifica-
tions to the sensitive data tracked, so that if an attacker ...