O'Reilly logo

Programming .NET Security by Allen Jones, Adam Freeman

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 6. Evidence and Code Identity

Computerized security systems often use biometric characteristics, such as fingerprints, retina patterns, and keyboard dynamics to establish the identity of a person.In an analogous manner, .NET establishes the identity of an assembly based on characteristics derived from the assembly’s content, structure, and source location. .NET refers to these identifying characteristics as evidence, and uses them to determine the actions and resources that code in the assembly has permission to access.

Our discussion of evidence begins with an explanation of what it is and where it comes from. We describe the purpose and use of the different types of evidence, including the standard evidence classes provided with the. NET Framework. Then we demonstrate how to use evidence programmatically in order to control the access permissions of your code. Finally, we show you how to extend CAS by developing custom evidence classes.

Evidence is most commonly used to determine the permissions to grant to an assembly but also plays an important role in securing application domains. To simplify our discussion, we focus on using evidence with assemblies. In almost all instances, the techniques we discuss are applicable without change to application domains, and we highlight where this is not the case.

Evidence Explained

Some types of evidence are inherent in the structure and content of an assembly, such as the assembly strong name, the hash value of the assembly’s content, ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required