Security Policy Management
Security policy is the configurable set of rules that the common language runtime follows when determining the permissions to grant to code. The runtime examines identifiable characteristics of the code, such as the Web site or zone where the code originates, to determine the access that code can have to resources. During execution, the runtime ensures that code accesses only the resources that it has been granted permission to access.
Security policy defines several code groups and associates each of them with a set of permissions. Code groups categorize code by characteristics such as its publisher, digital signature, the URL from where it originates, and so on. After all evidence is considered, code is placed into code groups and the resulting permission grant is the total set of permissions associated with every code group that the code obtains membership in. Although the default security policy is suitable for most situations, administrators can modify or customize security policy to tailor it to the specific needs of their organizations. The runtime grants permissions to both assemblies and application domains based on security policy.
In This Section
- Security Policy Model
Describes the components of the security policy system.
- Permission Grants
Describes how the common language runtime grants permission to code.
- Default Security Policy
Describes how security policy is configured by default.
- Administering Security Policy
Describes how administrators can view and modify security policy.
- How to: Enable Internet Explorer Security Settings for Managed Execution
Describes how Microsoft Internet Explorer security settings affect managed execution.