Security Policy Management
Security policy is the configurable set of rules that the common language runtime follows when determining the permissions to grant to code. The runtime examines identifiable characteristics of the code, such as the Web site or zone where the code originates, to determine the access that code can have to resources. During execution, the runtime ensures that code accesses only the resources that it has been granted permission to access.
Security policy defines several code groups and associates each of them with a set of permissions. Code groups categorize code by characteristics such as its publisher, digital signature, the URL from where it originates, and so on. After all evidence is considered, code is placed into code groups and the resulting permission grant is the total set of permissions associated with every code group that the code obtains membership in. Although the default security policy is suitable for most situations, administrators can modify or customize security policy to tailor it to the specific needs of their organizations. The runtime grants permissions to both assemblies and application domains based on security policy.
In This Section
- Security Policy Model
- Describes the components of the security policy system.
- Permission Grants
- Describes how the common language runtime grants permission to code.
- Default Security Policy
- Describes how security policy is configured by default.
- Administering Security Policy
- Describes how administrators can view and modify security policy.
- Internet Explorer Security and Managed Execution
- Describes how Microsoft Internet Explorer security settings affect managed execution.
- Security Policy Best Practices
- Describes techniques that administrators can use to maintain security policy on a machine or in an enterprise.
- Key Security Concepts
- Introduces fundamental concepts you must understand before using .NET Framework security.
- Describes permission objects and how they are used by the runtime.
- Code Access Security
- Describes .NET Framework code access security in detail and provides instructions for using it in your code.
- Security Tools
- Lists and briefly describes the security tools included in the .NET Framework SDK.