Chapter 11. Isolated Storage

Isolated storage is the final aspect of .NET runtime security we discuss. Isolated storage is a data storage mechanism that allows managed code to store user and application-specific data to disk. The use of isolated storage simplifies programming and minimizes the security risks associated with allowing code to store data to a computer’s hard drive. In this chapter, we describe what isolated storage is and explain where it provides benefits over existing data storage options. We demonstrate how to use isolated storage in your own programs, as well as how to administer and control access to it.

Isolated Storage Explained

Many applications need to write data to a persistent store so that it’s available each time the application runs. Data, such as user preferences and application state, is generally user-specific and needs to be stored in such a way that other users, and possibly other applications, cannot access and modify it. On the Windows platform, there has been no standard method of doing this, and therefore different applications have taken different approaches. These include using the Windows registry, configuration files (such as .ini files), or databases.

Windows features such as role-based security, ACL-based file permissions, user profiles, and the registry’s HKEY_CURRENT_USER hive make it relatively easy for code to store data that other users cannot access. However, it is not so easy to ensure that applications run by the same user cannot ...

Get Programming .NET Security now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.