Design of the Security Application Block

The Security Application Block addresses the following areas:

  • Authorization
  • Security-related caching

Design Goals

The Security Application Block is designed to achieve the following goals:

  • Provide a simple and intuitive interface to the commonly required authorization functionality.
  • Encapsulate the logic used to perform authorization and security-related caching.
  • Present a standard provider model for authorization and security-related caching.
  • Ensure that the block is extensible.
  • Ensure that there is minimal or negligible performance impact compared to security code that accesses the .NET Framework classes directly to accomplish the same functionality.
  • Incorporate best practices for application security, as described in Improving Web Application Security: Threats and Countermeasures.

Design Highlights

The Security Application Block is designed to externalize the implementation of the authorization and caching provider from a running application. This design lets you change implementations without changing the code of the application. The following schematic illustrates the interrelationship between the key classes in the Security Application Block.

[Figure: schematic of the key classes in the Security Application Block]