Introducing Code Access Security in .NET Framework

Introduction

Code Access Security is a feature that enables you to define restrictions on code that would be executing in the managed environment. You can use Code Access Security to restrict access to your code, define policy levels (Enterprise, Machine, User and Application Domain), code groups, and grant or revoke permissions, etc. You can also implement both imperative and declarative security modes in your application. This article takes a look at Code Access Security (CAS) the benefits of the concepts while emphasizeing the new features in CAS in .NET Framework 4.0.

What is Code Access Security?

Code Access Security is a security feature in .NET that provides restrictions on the code that is to be executed based on who the owner of the code is, where it has been downloaded from, the evidences, etc. The CLR would allow your code to only perform operations that are permitted. The Wikipedia states: “Code Access Security (CAS), in the Microsoft .NET framework, is Microsoft’s solution to prevent untrusted code from performing privileged actions. When the CLR loads an assembly it will obtain evidence for the assembly and use this to identify the code group that the assembly belongs to. A code group contains a permission set (one or more permissions). Code that performs a privileged action will perform a code access demand which will cause the CLR to walk up the call stack and examine the permission set granted to the assembly of each method in the call stack. The code groups and permission sets are determined by the administrator of the machine who defines the security policy.” http://en.wikipedia.org/wiki/Code_Access_Security
In essence, you can use Code Access Security to restrict what all your code can do, restrict which code can invoke your code and also identify code. Code Access Security imposes certain restrictions and policies based on which access to protected resources and operations are governed.

Note that Code Access Security is based on two key concepts, namely, Code Groups and Permissions. Each and every .NET assembly belongs to a particular Code Group. Each Code Group in turn is granted a set of permissions that are specified in the permission set to which it is associated. You can use the following command in the command line to see the code groups defined on your system:

  caspol -lg

Code Access Security comprises of the following elements:

  • Permissions – these represent a resource that is protected, or, the ability to perform an operation that is protected.
  • Permission Sets – Permission Sets comprise of a collection of permissions. The built-in permission sets provided by the CLR include: Nothing, Execution, Internet, LocalIntranet, Everything and, FullTrust.
  • Code Groups – Code Groups are defined as logical grouping of code with a specified membership condition.
  • Evidence – This can be defined as information that is associated with an assembly–it denotes the origin of code. The CLR examines the evidence associated with the code and then it checks what all permission sets are associated with the code group. Some typical types of evidence include: site, strong name, publisher, URL and zone. In essence, evidence is typically used to authenticate the code. The various identity permissions that are used to authenticate code include: PublisherIdentityPermission, SiteIdentityPermission, StrongNameIdentityPermission, ZoneIdentityPermission and URLIdentityPermission.
  • Policies – Policies are defined as a configurable set of rules that determine the permissions to grant access to a piece of code. Policies typically represent the user roles. There consist of the following types: Application Domain Policy, User Policy, Machine Policy and Enterprise Policy.

Using Declarative and Imperative Syntax

You can define Code Access Security in your code either using declarative syntax or using imperative syntax. While you use attributes to define Code Access Security declaratively, the imperative syntax used runtime method calls.

Here is how you can implement Code Access Security declaratively:

  [FileIOPermission(SecurityAction.Demand, Unrestricted=true)]

  public class Test
  {
      public void DoWork()
      {
        //Some code
      }
  }

  Here is how you can implement Code Access Security using imperative syntax:

  public class Test
  {
      public void DoWork()
      {
         FileIOPermission fileIOPermission =
            new FileIOPermission(PermissionState.Unrestricted);
          fileIOPermission.Demand();
      }
  }

More by Author

Must Read