29 out of 64 rated this helpful - Rate this topic

Security in the .NET Framework

The common language runtime and the .NET Framework provide many useful classes and services that enable developers to easily write secure code and enable system administrators to customize the permissions granted to code so that it can access protected resources. In addition, the runtime and the .NET Framework provide useful classes and services that facilitate the use of cryptography and role-based security.

Important note Important

Effective with the .NET Framework 4, there are major changes to the code access security system. Security policy is no longer applied to applications. All applications that can be run from the desktop are now executed as full-trust applications. This includes both applications on the computer and applications that can be run from a network share. Partially trusted applications must be run in a sandbox, which determines their grant set. The permission system continues to be used, but it is transcended by security transparency rules. For information about these changes, see Security Changes in the .NET Framework.

Security Changes in the .NET Framework

Describes important changes to the .NET Framework security system.

Security How-to Topics

Lists links to How-to topics contained in this section.

Key Security Concepts

Provides an overview of common language runtime security features. This section is of interest to developers and system administrators.

Code Access Security

Describes how to interact with code access security in your code. This section is important to developers and can be of interest to system administrators.

Role-Based Security

Describes how to interact with role-based security in your code. This section is of interest to developers.

.NET Framework Cryptography Model

Provides an overview of cryptographic services provided by the .NET Framework. This section is of interest to developers.

Secure Coding Guidelines

Describes some of the best practices for creating reliable .NET Framework applications. This section is of interest to developers.

ACL Technology Overview

Describes the managed classes that enable you to programmatically create or modify discretionary access control lists (DACLs) and system access control lists (SACLs) for protected resources such as files and folders. This section is of interest to developers.

Windows Identity Foundation 4.5 Overview

Describes how you can implement claims-based identity in your applications.

Security Tools (.NET Framework)

Describes command-line tools that help you perform security-related tasks, such as configuring security policy, managing certificates, and digitally signing files.

.NET Framework Development Guide

Provides a guide to all key technology areas and tasks for application development, including creating, configuring, debugging, securing, and deploying your application, and information about dynamic programming, interoperability, extensibility, memory management, and threading.

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft. All rights reserved.