Exam 70-553 - Implement access control by using the System.Security.AccessControl classes.

Section 1
  • Part 4:

    Improving the security of .NET Framework applications by using the .NET Framework 2.0 security features

    • Topic 1

Implement access control by using the System.Security.AccessControl classes.

  • DirectorySecurity class, FileSecurity class, FileSystemSecurity class, and RegistrySecurity class
  • AccessRule class
  • AuthorizationRule class and AuthorizationRuleCollection class
  • CommonAce class, CommonAcl class, CompoundAce class, GeneralAce class, and GeneralAcl class
  • AuditRule class
  • MutexSecurity class, ObjectSecurity class, and SemaphoreSecurity class

Summary

The entire System.Security.AccessControl namespace is new in .NET 2.0. It encapsulates everything that you could do manually to a file or folder from the Security tab of the Properties dialog: changing the access permissions, and, under Advanced, setting up auditing and permissions inheritance.

The DirectorySecurity and FileSecurity classes represent the access control and audit security for directories and files. Using these classes you can define the rules for a file or directory and pass them to the System.IO objects as you create them.

The FileSystemSecurity class is the base class for the DirectorySecurity and FileSecurity classes.

The RegistrySecurity class represents access control security for registry keys.

The AccessRule class represents the user, an access mask, the control type (allow or deny), and inheritance information. Each rule can be applied to one of the previously mentioned classes to define policy.

The AuthorizationRule class is the base class for the AccessRule and AuditRule classes. The AuthorizationRuleCollection is a strongly typed collection of AuthorizationRules.
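The following added example (not from the original post) shows these classes together on Windows with the .NET Framework: it builds a FileSecurity with explicit access rules, passes it to File.Create so the ACL is applied at creation time, and reads the rules back as an AuthorizationRuleCollection. The class name `AclAtCreation` and the temp-file name are assumptions made for the example.

```csharp
using System;
using System.IO;
using System.Security.AccessControl;
using System.Security.Principal;

class AclAtCreation
{
    static void Main()
    {
        // Constructed sample path; any writable location works.
        string path = Path.Combine(Path.GetTempPath(), "acl-demo.txt");
        File.Delete(path);

        SecurityIdentifier me = WindowsIdentity.GetCurrent().User;
        SecurityIdentifier admins =
            new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null);

        FileSecurity security = new FileSecurity();
        // Protect the DACL: drop inherited ACEs so only the rules below apply.
        security.SetAccessRuleProtection(true, false);
        security.AddAccessRule(new FileSystemAccessRule(
            me, FileSystemRights.FullControl, AccessControlType.Allow));
        security.AddAccessRule(new FileSystemAccessRule(
            admins, FileSystemRights.Read, AccessControlType.Allow));

        // Passing the FileSecurity to File.Create applies the ACL at creation,
        // so the file never exists with the parent's inherited permissions.
        using (FileStream fs = File.Create(path, 4096, FileOptions.None, security))
        {
            fs.WriteByte(0x2A);
        }

        // Read the DACL back: GetAccessRules returns an AuthorizationRuleCollection.
        AuthorizationRuleCollection rules = File.GetAccessControl(path)
            .GetAccessRules(true, true, typeof(SecurityIdentifier));
        foreach (FileSystemAccessRule rule in rules)
        {
            Console.WriteLine("{0} {1} {2} inherited={3}",
                rule.IdentityReference.Value,
                rule.AccessControlType, rule.FileSystemRights, rule.IsInherited);
        }
        File.Delete(path);
    }
}
```

Setting the ACL after creation with File.SetAccessControl instead leaves a short window in which the file carries whatever permissions it inherited from its parent directory.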

The CommonAce, CommonAcl, CompoundAce, GeneralAce and GeneralAcl classes all represent Access Control Lists or Access Control Entries.

The AuditRule class represents the entry you would make to set up auditing of a file or directory.

ObjectSecurity is the base class of the CommonObjectSecurity class, which exposes methods for accessing the five parts of a security descriptor.

The following is my understanding of MutexSecurity and SemaphoreSecurity. They provide security for instances of the Mutex and Semaphore classes. Both are used primarily in multithreaded environments to manage access to a resource. Where Semaphores allow more than one access, Mutexes can only allow one.


Other Resources & Links:

Setting ACE/ACL permissions in .NET 2.0
http://west-wind.com/weblog/posts/4072.aspx

Security Enhancements for the .Net Framework 2.0
http://msdn.microsoft.com/msdnmag/issues/05/01/SecurityBriefs/

The Windows Access Control Model Part 3
http://www.codeproject.com/csharp/accessctrl3.asp

DirectorySecurity Class
http://msdn2.microsoft.com/en-us/library/system.security.accesscontrol.directorysecurity(VS.80).aspx

FileSecurity Class
http://msdn2.microsoft.com/en-us/library/system.security.accesscontrol.directorysecurity(VS.80).aspx

FileSystemSecurity Class
http://msdn2.microsoft.com/en-us/library/system.security.accesscontrol.filesystemsecurity(VS.80).aspx

RegistrySecurity Class
http://msdn2.microsoft.com/en-us/library/system.security.accesscontrol.registrysecurity(VS.80).aspx

AccessRule Class
http://msdn2.microsoft.com/en-us/library/system.security.accesscontrol.accessrule(VS.80).aspx

AuthorizationRule Class
http://msdn2.microsoft.com/en-us/library/system.security.accesscontrol.authorizationrule(VS.80).aspx

AuthorizationRuleCollection Class
http://msdn2.microsoft.com/en-us/library/system.security.accesscontrol.authorizationrulecollection(VS.80).aspx

CommonAce Class
http://msdn2.microsoft.com/en-us/library/system.security.accesscontrol.commonace(VS.80).aspx

CommonAcl Class
http://msdn2.microsoft.com/en-us/library/system.security.accesscontrol.commonacl(VS.80).aspx

AuditRule Class
http://msdn2.microsoft.com/en-us/library/system.security.accesscontrol.auditrule(VS.80).aspx

MutexSecurity Class
http://msdn2.microsoft.com/en-us/library/system.security.accesscontrol.mutexsecurity(VS.80).aspx

ObjectSecurity Class
http://msdn2.microsoft.com/en-us/library/system.security.accesscontrol.objectsecurity(VS.80).aspx

SemaphoreSecurity
http://msdn2.microsoft.com/en-us/library/system.security.accesscontrol.semaphoresecurity(VS.80).aspx
