Overview of Code Access Security in .Net

Exchanging and downloading code over the internet or an intranet has become very common as the interdependency between software applications and modules has increased. This is an ordinary task as long as the downloaded code contains nothing malicious that could read secured data from the system or corrupt vital data and harm the system. To address this security concern, the .Net framework enforces several security policies, one of which is Code Access Security.

Code Access Security (CAS)

CAS is a security feature that manages code based on the trust level assigned to it. With it, any managed application (or assembly) can be controlled at a granular level by assigning it a restricted permission set. The runtime gathers evidence about each assembly, such as its origin and author. Based on this evidence, the assembly is assigned to a code group.

The assembly's code then executes under the security policy that has been configured for that group. For example, code downloaded from the internet while browsing is assigned to a group whose permissions for access to the local system (read, write and execute) have already been set. CAS is also used to protect sensitive data, such as an employee database, that has to be used only by secured code.

Unlike role-based security, where execution of an assembly is based on the access rights of the user profile executing it, CAS allows execution based on the set of permissions granted to the assembly (the code), which lets it operate in a restricted environment. CAS cannot be used to restrict unmanaged applications, so unmanaged code can access any system resource that the user has permission to access.

CAS is implemented with the help of the following sets of data:

Code group: defines the category to which the code belongs. It is used to associate permission sets with assemblies. Code groups are formed on the basis of the evidence of the assembly, which includes characteristics such as its source (internet, intranet, etc.), its publisher and the URI (Uniform Resource Identifier) of the downloaded assembly.

Permission Set

A permission set is like the Access Control List of CAS. It is a list of code access permissions, such as File Dialog, Security, Reflection and Printing, grouped into a named set that provides access to secured resources. The following are the default permission sets, of which the last three can be altered:

FullTrust – no permission restrictions

Execution – permission to execute but no access to protected resources

Nothing – no permission for any operation

LocalIntranet – represents the default policy for the local intranet

Internet – default policy for unknown code downloaded from the web

Everything – all permissions except that for skipping code verification

Permissions: specify the actions that are allowed to be executed for each code group. For example, the File Dialog permission specifies whether an assembly can prompt the user with the Open dialog box, the Save dialog box, etc. There are 19 permissions available for configuration in the .Net Framework Configuration tool, some of which are listed below:

FileIOPermission – access to work with files (read, write, append)

FileDialogPermission – ability to access the file selected by the user in the Open dialog box

UIPermission – rights to access the user interface

SqlClientPermission – ability to access SQL databases

Caspol (Code Access Security Policy) tool – CAS tool

A security policy is a logical grouping of code groups and permission sets. Because permissions are set on the code group instead of on individual assemblies, managing the security policy becomes easier. The security policy is usually configured by the system administrator at multiple levels: Enterprise, User and Machine.

Enterprise level policy is configured at the enterprise level through the Active Directory service and grants all code full trust. Machine level policy applies to all code executed on a computer. User level policy defines permissions on a per-user basis. It should be noted that the effective permissions of an assembly are the intersection (the minimum of all the permission sets) of the permissions granted to the assembly by CAS at these levels.
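
The intersection rule described above, worked through with the framework's own `PermissionSet` class. This is an added example, not code from the original article; it assumes the .NET Framework, and the three grants and the `C:\AppData\Reports` path are constructed for illustration.

```csharp
using System;
using System.Security;
using System.Security.Permissions;

static class PolicyLevelIntersection
{
    const string ReportsDir = @"C:\AppData\Reports";   // constructed sample path

    // Effective grant = intersection of what each policy level grants.
    public static PermissionSet Effective(params PermissionSet[] levelGrants)
    {
        PermissionSet result = new PermissionSet(PermissionState.Unrestricted);
        foreach (PermissionSet grant in levelGrants)
        {
            // Intersect returns null when the two sets have nothing in common.
            result = result.Intersect(grant) ?? new PermissionSet(PermissionState.None);
        }
        return result;
    }

    static void Main()
    {
        // Enterprise level: full trust, as described in the text.
        PermissionSet enterprise = new PermissionSet(PermissionState.Unrestricted);

        // Machine level (constructed): execute, read and write reports, show UI.
        PermissionSet machine = new PermissionSet(PermissionState.None);
        machine.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
        machine.AddPermission(new FileIOPermission(
            FileIOPermissionAccess.Read | FileIOPermissionAccess.Write, ReportsDir));
        machine.AddPermission(new UIPermission(PermissionState.Unrestricted));

        // User level (constructed): execute and read reports only.
        PermissionSet user = new PermissionSet(PermissionState.None);
        user.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
        user.AddPermission(new FileIOPermission(FileIOPermissionAccess.Read, ReportsDir));

        PermissionSet effective = Effective(enterprise, machine, user);

        // Write access and UIPermission drop out because the user level lacks them;
        // the result can never exceed the most restrictive level.
        Console.WriteLine(effective.ToXml());
        Console.WriteLine(effective.IsSubsetOf(machine) && effective.IsSubsetOf(user));
    }
}
```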

The security policy can be managed either through the user interface provided in the Microsoft Management Console or by using a simple command-line tool, Caspol. Caspol is used to view and set the trust level for each code group and to manage the code groups and permissions in a granular fashion. It should be executed in the folder in which the .Net framework is installed.

Some of the tasks that can be executed using Caspol are:

• Grant full trust to an assembly
• Add a new code group to the machine policy
• Add a code group to the User policy
• Reset policy levels for Machine policy level

.Net classes for working with CAS

The .Net framework provides a well-defined set of CAS permission classes for working with CAS programmatically. By using declarative CAS with these classes, an assembly can make sure that it has the permissions necessary for its execution and none that it does not require. The administrator can also use the assembly's declarative CAS to grant only the minimum set of permissions it demands for all its functionality.

For each type of resource that can be protected, the framework provides a class corresponding to that resource. The names of these classes are suffixed with ‘Permission’. Some of them are FileDialogPermission, OdbcPermission, RegistryPermission, etc. Using the members of these classes, access to the resources can be controlled programmatically. The System.Security.Permissions namespace has to be included to use these classes.

Thus, the .Net framework offers a managed security environment for the development of distributed applications where security is a vital factor.
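
The permission classes described above, used declaratively (attributes) and imperatively (objects built at run time). This is an added example, not code from the original article; it assumes the .NET Framework, and the `ReportReader` class, the `CallersMayRead` helper and the file paths are hypothetical names constructed for illustration.

```csharp
using System;
using System.IO;
using System.Security;
using System.Security.Permissions;

// Declarative, assembly level: the least this assembly needs in order to run,
// and a resource it never wants to be granted. These Request* actions are
// honoured only by .NET Framework versions that apply CAS policy.
[assembly: FileIOPermission(SecurityAction.RequestMinimum, Read = @"C:\AppData\Reports")]
[assembly: RegistryPermission(SecurityAction.RequestRefuse, Unrestricted = true)]

static class ReportReader
{
    const string ReportsDir = @"C:\AppData\Reports";   // constructed sample path

    // Declarative, method level: every caller on the stack needs read access.
    [FileIOPermission(SecurityAction.Demand, Read = ReportsDir)]
    public static string ReadReport(string name)
    {
        return File.ReadAllText(Path.Combine(ReportsDir, name));
    }

    // Imperative: build the permission at run time and demand it of the callers.
    static bool CallersMayRead(string path)
    {
        try
        {
            new FileIOPermission(FileIOPermissionAccess.Read, path).Demand();
            return true;
        }
        catch (SecurityException)
        {
            return false;
        }
    }

    static void Main()
    {
        // Limit this frame, and everything it calls, to reading the reports folder.
        new FileIOPermission(FileIOPermissionAccess.Read, ReportsDir).PermitOnly();

        // The first demand is inside the permitted folder; the second is not,
        // so its stack walk fails at this frame with a SecurityException.
        Console.WriteLine(CallersMayRead(Path.Combine(ReportsDir, "q1.txt")));
        Console.WriteLine(CallersMayRead(@"C:\Windows\win.ini"));

        CodeAccessPermission.RevertPermitOnly();
    }
}
```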


Copyright - © 2004 - 2024 - All Rights Reserved.