Security Policy Best Practices

Important

In the .NET Framework version 4, the common language runtime (CLR) is moving away from providing security policy for computers. Microsoft is recommending the use of Windows Software Restriction Policies as a replacement for CLR security policy. The information in this topic applies to the .NET Framework version 3.5 and earlier; it does not apply to version 4.0 and later. For more information about this and other changes, see Security Changes in the .NET Framework 4.

The .NET Framework provides a code access security model that allows administrators to modify security policy to meet their individual needs. While code access security generally increases the reliability and security of applications, improperly administering code access security policy can potentially create security weaknesses. This section explains basic administration concepts and describes some of the best practices to use when administering code access security policy.

In This Section

• Security Policy Administration Overview
  Provides an overview of basic administration concepts related to code access security.

• General Security Policy Administration
  Describes security practices that apply to all levels of policy.

• Enterprise Policy Administration
  Describes security practices that apply to the enterprise policy level.

• Machine Policy Administration
  Describes security practices that apply to the machine policy level.

• User Policy Administration
  Describes security practices that apply to the user policy level.

Related Sections

• Key Security Concepts
  Describes the basic concepts and definitions needed to understand the .NET Framework security system.

• Code Access Security
  Describes the code access security system and how to programmatically interact with it.

• Security Policy Management
  Describes how security policy grants permissions to code.

• Security Policy Configuration
  Describes tasks to configure security policy.