What is Code access security?
Preparing for the Microsoft MCTS exam? We all heard of code access security; at least those of us who are used to programming in the .NET, .VB, and C# platforms. But what is this code access security? Code access security (abbreviated CAS) is a concept introduced by the .NET Framework to Windows. It allows you control over different permissions that an application has. Wouldn’t it be a great idea if you could restrict what managed code can do at a granular level? This is exactly what the CAS lets you do! And this is what you must know for the MCTS Exam 70 536.
Things you need to know for the Microsoft MCTS certification
If you want to be one of the best developers, you must know how to create applications that can function even if some permissions are restricted. You must completely understand how the system works. CAS can also be used to restrict some callers from using your code. This, in turn, will greatly improve your application’s security. The application can be limited by force to a restricted permission set.
Due to the fact that code access security focuses on applications, not users, it is unable to identify and assign permissions to usernames, passwords, or ACLs (access control lists). This is the most important limitation and is the only one that must be considered.
Permissions. What are they?
Permission can be defined as a code access security access control entry. There are 19 permissions that can be configured in the .NET Framework 2.0 Configuration Tool, by default. These permissions are: Directory Services, DNS, Environment Variables, Even Log, File Dialog, File IO, Isolated Storage File, Message Queue, Performance Counter, Printing, Reflection, Registry, Security, Service Controller, Socket Access, SQL Client, User Interface, Web Access, X509 Store.
By permission set, we understand a CAS access control list (CAS). Here is the Default permission set for the Internet:
- File Dialog
- Isolated Storage File
- User Interface
Because code that runs on your local network is more trustworthy that content that is running on the Internet, the Local Intranet zone has more permissions by default. The Microsoft MCTS Exam 70 536 will test your knowledge about everything related to CAS.
Key Exam Points
- Learn all there is to learn about the CAS
- See some examples of implementations
- Work on your own to get high results at the Microsoft MCTS Exam 70 536
This article is based on the 2nd edition of the Microsoft .Net Framework Application Training Kit with the purpose to help 70-536 Exam takers to succeed. I constantly look for ways to improve the content. Please leave a comment about this article or drop me a message if you would like to see changes for this site.