다음을 통해 공유


Secure Coding Guidelines 

Evidence-based security policy and code access security provide very powerful, explicit mechanisms to implement security. Most application code can simply use the infrastructure implemented by the .NET Framework. In some cases, additional application-specific security is required, built either by extending the security system or by using new ad hoc methods.

Using the .NET Framework-enforced permissions, and other enforcement in your code, you should erect barriers to prevent malicious code from obtaining information that you do not want it to have or performing other undesirable actions. Additionally, you must strike a balance between security and usability in all the expected scenarios using trusted code.

In This Section

  • Permission Requests
    Describes how to interact with the .NET Framework security system using security requests.
  • Code Access Security
    Describes .NET Framework code access security in detail and provides instructions for using it in your code.
  • Role-Based Security
    Describes .NET Framework role-based security in detail and provides instructions for using it in your code.