Security Policy Management

  • Article

Security policy is the configurable set of rules that the common language runtime follows when determining the permissions to grant to code. The runtime examines identifiable characteristics of the code, such as the Web site or zone where the code originates, to determine the access that code can have to resources. During execution, the runtime ensures that code accesses only the resources that it has been granted permission to access.

Security policy defines several code groups and associates each of them with a set of permissions. Code groups categorize code by characteristics such as its publisher, digital signature, the URL from where it originates, and so on. After all evidence is considered, code is placed into code groups and the resulting permission grant is the total set of permissions associated with every code group that the code obtains membership in. Although the default security policy is suitable for most situations, administrators can modify or customize security policy to tailor it to the specific needs of their organizations. The runtime grants permissions to both assemblies and application domains based on security policy.

In This Section

  • Security Policy Best Practices
    Describes techniques that administrators can use to maintain security policy on a machine or in an enterprise.
  • Key Security Concepts
    Introduces fundamental concepts you must understand before using .NET Framework security.
  • Permissions
    Describes permission objects and how they are used by the runtime.
  • Code Access Security
    Describes .NET Framework code access security in detail and provides instructions for using it in your code.
  • Security Tools
    Lists and briefly describes the security tools included in the .NET Framework SDK.