Security in the .NET Framework 

The common language runtime and the .NET Framework provide many useful classes and services that enable developers to easily write security code. These classes and services also enable system administrators to customize the access that code has to protected resources. In addition, the runtime and the .NET Framework provide useful classes and services that facilitate the use of cryptography and role-based security.

In This Section

• Security How-to Topics
  Lists links to How-to topics contained in this section.

• Key Security Concepts
  Provides an overview of common language runtime security features. This section is of interest to developers and system administrators.

• Code Access Security
  Describes how to interact with code access security in your code. This section is of interest to developers.

• Role-Based Security
  Describes how to interact with role-based security in your code. This section is of interest to developers.

• Cryptographic Services
  Provides an overview of cryptographic services provided by the .NET Framework. This section is of interest to developers.

• Security Policy Management
  Describes how to manage code access security policy. This section is of interest to system administrators who manage .NET Framework applications.

• Security Policy Best Practices
  Describes some of the best practices for administrating code access security policy. This section is of interest to system administrators who manage .NET Framework applications.

• Secure Coding Guidelines
  Describes some of the best practices for creating reliable .NET Framework applications. This section is of interest to developers.

• Security Tools
  Describes tools that are useful to developers and administrators.

• ACL Technology Overview
  Describes the managed APIs that allow you to programmatically create or modify discretionary access control lists (DACLs) and system access control lists (SACLs) for a number of protected resources such as files, folders, and so on. This section is of interest to developers.

• About System.Security.Cryptography.Pkcs
  Describes the namespace that contains the managed code implementation of the Cryptographic Message Syntax (CMS) and Public-Key Cryptography Standards #7 (PKCS #7) standards. This section is of interest to developers.

• Using System.Security.Cryptography.Pkcs
  Explains how to use the System.Security.Cryptography.Pkcs namespace to program the Cryptographic Message Syntax (CMS) and Public-Key Cryptography Standards #7 (PKCS #7) standards into your application. This section is of interest to developers.

Related Sections

• ASP.NET Web Application Security
  Describes ASP.NET security and provides instructions for using it in your code.

• Configuring Security Policy
  Describes how to configure security policy using the .NET Framework Configuration tool and the Code Access Security Policy tool, and how to import security components using XML files.