ACL Technology Overview 

The classes in the System.Security.AccessControl namespace allow you to programmatically create or modify discretionary access control lists (DACLs) and system access control lists (SACLs) for a number of protected resources such as files, folders, and so on. DACLs allow you to programmatically control access to protected resources, while SACLs allow you to programmatically control system auditing policies of protected resources. For example, you can use the DACL classes to make sure that only an administrator can read a file; you can use the SACL classes to make sure that all successful attempts to open the file are logged.

The topics in this section describe the concepts and techniques that allow you to build ACL functionality into your applications.

In This Section

• Technology Summary for ACLs
  Summarizes ACL concepts and the use of classes in the System.Security.AccessControl namespace.

• ACL Technology Architecture
  Explains the architecture of ACL classes that are used to enforce access control and audit rules.

• ACL Technology Scenarios
  Describes the most common scenarios in which ACL classes are used

• ACL Propagation Rules
  Describes the rules used to propagate ACLs to folders and files contained within a target folder.

Reference

• System.Security.AccessControl
  Provides reference documentation for the System.Security.AccessControl namespace, which provides a managed implementation of the Windows ACL interface.

Related Sections

• Security in the .NET Framework
  Provides links to security topics in the .NET Framework, including topics for code access security, role-based security, and cryptography.