Security Concepts and Definitions

Table 18.1 describes the different types of security presented in this chapter and how they relate to real-world scenarios.

Table 18.1 Types of Security

Security Type	Related Concept in Security .Permissions Namespace	Purpose
NTFS	None	Allows for detailed file system rights, e.g., locking down of specific files.
Cryptographic	Strong name and assembly, generation, SignCode.exe utility	Use of public key infrastructure and certificates.
Programmatic	Groups and permission sets	For use in pieces of code that are being called into. Provides extra security to prevent users of calling code from violating security measures implemented by the programs that are not provided for on a machine level.
User Access Control	Users run without administrative permission	Provided by the operating system to help users protect their system from unexpected changes that might occur when logged in using the machine's administrator account.

There are many approaches to providing security on the machines where your shared code is hosted. If multiple shared code applications are on one machine, each piece of shared code can be called from many front-end applications. Each piece of shared code will have its own security requirements for accessing environment variables—such as the registry, the file system, and other items—on the machine that it is running on. From an NTFS perspective, the administrator of your server can only lock down those items on the machine that ...