Chapter 10. Role-Based Security

The most significant security enhancement added to the .NET Framework is code-access security, which we discussed in the previous chapters. However, at times it is still necessary to make security decisions based on the user running the code, as opposed to the identity of the code itself. For this purpose, the .NET Framework supports a simple role-based security model. In this chapter, we explain what role-based security is and discuss the .NET Framework’s implementation. We describe the classes used to access role-based security and demonstrate how to use them in your programs.

Role-Based Security Explained

Role-based security (RBS) is a common security model in contemporary computing. When users wish to access a computer system, they must first prove their identity—a process known as authentication. Authentication requires the user to provide a set of credentials that uniquely identify him. These credentials are commonly a name and password but could be a physical token, such as a key card, or a biological attribute, such as a thumbprint. The computer system consults an authority to determine if the supplied credentials represent a known user and whether that user should have access to the system. During operation, the system relies on the user’s authenticated identity when performing authorization—the process of determining what actions and resources a user has authority to access. A person’s authority is expressed in terms of roles. A role is ...
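The two steps just described, authentication (credentials in, an identity with its roles out) and authorization (a decision based on the user's roles rather than the code's identity), shown as an added example in C# that is not the book's own code. It uses the .NET Framework's GenericIdentity, GenericPrincipal and PrincipalPermission classes; the user table, passwords and role names are constructed for the demo.

```csharp
using System;
using System.Collections.Generic;
using System.Security;
using System.Security.Permissions;
using System.Security.Principal;
using System.Threading;

// Added example, not the book's code. The user table, passwords and role names
// below are constructed for the demo; a real authority would consult a directory.
static class RbsDemo
{
    static readonly Dictionary<string, (string Password, string[] Roles)> Users =
        new Dictionary<string, (string Password, string[] Roles)>
        {
            ["alice"] = ("s3cret", new[] { "Users", "Administrators" }),
            ["bob"]   = ("hunter2", new[] { "Users" }),
        };

    // Authentication: credentials in, an IPrincipal carrying the user's roles out;
    // null when the credentials do not match a known user.
    static IPrincipal Authenticate(string name, string password)
    {
        if (!Users.TryGetValue(name, out var entry) || entry.Password != password)
            return null;
        return new GenericPrincipal(new GenericIdentity(name, "Demo"), entry.Roles);
    }

    // Authorization: decided by the user's roles, not by the identity of the code.
    static bool CanManageUsers(IPrincipal p) => p != null && p.IsInRole("Administrators");

    static void Main()
    {
        foreach (var (name, pwd) in new[] { ("alice", "s3cret"), ("bob", "hunter2"), ("bob", "wrong") })
        {
            IPrincipal principal = Authenticate(name, pwd);
            Thread.CurrentPrincipal = principal;   // PrincipalPermission.Demand reads this
            Console.WriteLine($"{name}: authenticated={principal != null}, " +
                              $"canManageUsers={CanManageUsers(principal)}");
            try
            {
                // Throws SecurityException unless the current principal is authenticated
                // and a member of the named role.
                new PrincipalPermission(null, "Administrators").Demand();
                Console.WriteLine("  demand for Administrators: granted");
            }
            catch (SecurityException)
            {
                Console.WriteLine("  demand for Administrators: denied");
            }
        }
    }
}
```

Only alice passes both checks; bob authenticates but is denied the Administrators role, and the mistyped password yields no principal at all, so every later role check fails closed.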

Get Programming .NET Security now with the O’Reilly learning platform.