This post originated from an RSS feed registered with .NET Buzz
by Robert Hurlbut.
Original Post: Speaking on Code Access Security to Downtown Boston .NET User Group on August 5
Feed Title: Robert Hurlbut's .Net Blog
Feed URL: http://www.asp.net/err404.htm?aspxerrorpath=/rhurlbut/Rss.aspx
Feed Description: Development with .Net, Rotor, Distributed Architectures, Security, Extreme Programming, and Databases
Rather than present the same topic twice, I will be presenting a general security overview for the developer in Waltham, and a more specific introduction to .Net Security in Boston with a look at Code Access Security:
In unmanaged Win32 applications, the operating system authorized access to resources based solely on who was running the program. In today's highly distributed, component-oriented environment, you need a security model based on what a given piece of code, a component, is allowed to do. .NET allows you to configure permissions for components, and provide an evidence to prove that it has the right credentials to access a resource or perform some sensitive work. This talk will cover evidence, policy, permissions, and runtime enforcement (stalk walking, etc.) I will also show how to manage application security using the .Net configuration tool and programmatically.
I have found that CAS is probably one of the most difficult areas in .Net Security to master, yet it will prove to be more and more important to understand for developing secure applications now and in the future (especially with Longhorn). Don't miss it!
Update: To try to reduce confusion, the official names of the Boston .NET Groups are as follows:
Previous Topic
