Design of the Security Application Block
The Security Application Block addresses the following areas:
- Authorization
- Security-related caching
Design Goals
The Security Application Block is designed to achieve the following goals:
- Provide a simple and intuitive interface to the commonly required authorization functionality.
- Encapsulate the logic used to perform authorization and security-related caching.
- Present a standard provider model for authorization and security-related caching.
- Ensure that the block is extensible.
- Ensure that there is minimal or negligible performance impact compared to security code that accesses the .NET Framework classes directly to accomplish the same functionality.
- Incorporate best practices for application security, as described in Improving Web Application Security: Threats and Countermeasures.
Design Highlights
The Security Application Block is designed to externalize the implementation of the authorization and caching provider from a running application. This design lets you change implementations without changing the code of the application. The following schematic illustrates the interrelationship between the key classes in the Security Application Block.
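The provider model described above, sketched as an added example; it is not the block's own code. Every type name (IAuthzProvider, RoleMapProvider, DenyAllProvider, AuthzFactory) and the AUTHZ_PROVIDER environment variable, which stands in for a configuration entry, are hypothetical.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Principal;

// All type names below are hypothetical; they are not the block's own classes.
public interface IAuthzProvider { bool Authorize(IPrincipal principal, string operation); }

// Implementation 1: in-memory table mapping an operation to the role it requires.
public sealed class RoleMapProvider : IAuthzProvider
{
    private readonly Dictionary<string, string> requiredRole =
        new Dictionary<string, string> { { "ApproveOrder", "Manager" } };
    public bool Authorize(IPrincipal principal, string operation)
    {
        string role;
        // Deny when the principal, the operation or the rule is missing.
        return principal != null && operation != null
            && requiredRole.TryGetValue(operation, out role) && principal.IsInRole(role);
    }
}

// Implementation 2: denies every request (for example, a lockdown mode).
public sealed class DenyAllProvider : IAuthzProvider { public bool Authorize(IPrincipal p, string op) { return false; } }

public static class AuthzFactory
{
    private static readonly Dictionary<string, Func<IAuthzProvider>> Registry =
        new Dictionary<string, Func<IAuthzProvider>>(StringComparer.OrdinalIgnoreCase)
        { { "RoleMap", () => new RoleMapProvider() }, { "DenyAll", () => new DenyAllProvider() } };
    // Fail closed: an unknown or missing name stops startup instead of allowing access.
    public static IAuthzProvider Create(string name)
    {
        Func<IAuthzProvider> make;
        if (name != null && Registry.TryGetValue(name, out make)) return make();
        throw new InvalidOperationException("Unknown authorization provider: " + name);
    }
}

public static class Program
{
    public static void Main()
    {
        // Stand-in for a configuration entry; the calling code below is the same
        // whichever provider is selected, and the default is the deny-all provider.
        string configured = Environment.GetEnvironmentVariable("AUTHZ_PROVIDER") ?? "DenyAll";
        IAuthzProvider authz = AuthzFactory.Create(configured);
        IPrincipal user = new GenericPrincipal(new GenericIdentity("alice"), new[] { "Manager" });
        Console.WriteLine("ApproveOrder allowed: " + authz.Authorize(user, "ApproveOrder"));
    }
}
```

Because the provider is chosen outside the code, the configuration source becomes part of the authorization trust boundary and needs the same change control as the code itself.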