Skip to Main Content
Programming .NET Components, 2nd Edition
book

Programming .NET Components, 2nd Edition

by Juval Lowy
July 2005
Intermediate to advanced content levelIntermediate to advanced
644 pages
17h
English
O'Reilly Media, Inc.
Content preview from Programming .NET Components, 2nd Edition

Chapter 12. Security

In traditional operating systems such as Windows or Unix, the security model is user-oriented. Processes execute under a certain security identity—usually that of the launching user—and the operating system grants access to resources or permission to perform certain operations based on that identity. Typically, either the user is omnipotent (an administrator or root account), or the user is restricted and can perform only a narrow set of operations. The user-oriented security model has a number of shortcomings. For one thing, even powerful users can make mistakes, such as installing harmful applications from dubious sources or simply launching email viruses. In general, all users are vulnerable to attacks, and only through experience do users learn how to prevent them. Even if no foul play is involved, users are often required to be involved in making runtime decisions about the nature of components, such as whether or not to trust content coming from a particular source. Furthermore, restricted users often don’t get to work in an environment that is tailored to their needs and preferences, and the overall quality of their sessions suffers. New breeds of threats such as worms, luring attacks, and Trojan horses target such weaknesses and can wait for an administrator to log on before striking—long after the initial security breach.

In today’s component-oriented environment, there is a need for a component-oriented security model. A component-oriented operating ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Windows Forms Programming in C#

Windows Forms Programming in C#

Chris Sells
Metaprogramming in .NET

Metaprogramming in .NET

Jason Bock, Kevin Hazzard
.NET Windows Forms in a Nutshell

.NET Windows Forms in a Nutshell

Ian Griffiths, Matthew Adams

Publisher Resources

ISBN: 0596102070Supplemental ContentErrata Page