Code Access Security

What Does Code Access Security Mean?

Code access security (CAS) is a security mechanism by which the common language runtime (CLR) of the .NET framework restricts managed code to executing operations with a limited set of permissions.


CAS enforces security policies in the .NET framework by preventing unauthorized access to protected resources and operations. Unlike traditional security methods, where user credentials are obtained from the user, CAS is designed to address the issues faced when obtaining code from external sources, which may contain bugs and vulnerabilities. These bugs and vulnerabilities may leave a user’s system exposed to malicious code, which may perform tasks without the user knowing it. CAS determines which operations a given user’s code can and cannot perform and allows only the permitted ones. This feature is applicable to all managed code targeting the CLR.

CAS provides evidence-based security built on a layer above the security provided by the Windows operating system. While Windows is based on the permissions of the user, CAS is based on the evidence for the assembly. The assembly contains the permissions defined in the security policy and forms the basis for allowing code to execute necessary actions.

Techopedia Explains Code Access Security

CAS is built on the following elements, among others:

  1. Permissions: These are the basic rights needed to access a protected resource or execute a protected operation.
  2. Permission Set: This is a set of permissions, such as "full trust", "nothing", "Internet", "local intranet" and others.
  3. Code Group: This is a logical grouping of code with a specified condition for membership such as LocalIntranet_zone and Internet_zone.
  4. Evidence: This is assembly-related information such as application directory, publisher, URL and security zone.
  5. Security Policy: This is a set of rules configured by an administrator to determine the permissions granted to code, expressed hierarchically at four levels: enterprise, machine, user and application domain.

Code that executes a privileged operation demands one or more permissions from the CLR. The actual permission is calculated by taking the union of the permission sets of the code groups and then the intersection across the policy levels. The CLR ensures the demanded permissions are among the permissions granted to the method of that assembly. If permission is not granted, a security exception is thrown.
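The calculation described above, as an added Python model (not CLR code and not from the original page). The permission names, the `TrustedPublisher` group, the `ReadFiles` set and the sample policy are constructed for illustration.

```python
"""Simplified model of CAS policy resolution; this is not CLR code.
Permission names, policy and evidence below are constructed for illustration."""
from functools import reduce

PERMISSION_SETS = {
    "Nothing": frozenset(),
    "Internet": frozenset({"UI"}),
    "LocalIntranet": frozenset({"UI", "DNS"}),
    "ReadFiles": frozenset({"FileIO.Read"}),  # constructed set
    "FullTrust": frozenset({"UI", "DNS", "FileIO.Read", "FileIO.Write", "Registry"}),
}

# A policy level is a list of code groups: (name, membership condition, permission set).
POLICY = {
    "enterprise": [("All_Code", lambda ev: True, "FullTrust")],
    "machine": [
        ("Internet_zone", lambda ev: ev.get("zone") == "Internet", "Internet"),
        ("LocalIntranet_zone", lambda ev: ev.get("zone") == "Intranet", "LocalIntranet"),
        ("TrustedPublisher", lambda ev: ev.get("publisher") == "Contoso", "ReadFiles"),
    ],
    "user": [("All_Code", lambda ev: True, "FullTrust")],
}


class SecurityException(Exception):
    """Stands in for the exception the CLR throws when a demand fails."""


def level_grant(code_groups, evidence):
    """Union of the permission sets of every code group the evidence matches."""
    matched = [PERMISSION_SETS[ps] for _, member, ps in code_groups if member(evidence)]
    return frozenset().union(*matched)  # no matching group -> empty grant


def resolve(evidence, policy=POLICY):
    """Intersect the per-level grants: a permission must survive every level."""
    grants = [level_grant(groups, evidence) for groups in policy.values()]
    return reduce(frozenset.intersection, grants)


def demand(granted, permission):
    """Fail the operation unless the demanded permission was granted."""
    if permission not in granted:
        raise SecurityException(f"demand for {permission} failed")
```

Because the levels are intersected, tightening any single level (for example, mapping `All_Code` to `Internet` at the user level) caps what the assembly receives regardless of what the other levels grant.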

CAS provides two security modes to define permissions for code:

  • Declarative security is implemented by defining security attributes at the assembly level, class level or member level. Declarative mode is used when calls need to be evaluated at compile time.
  • Imperative security uses run-time method calls to create instances of security classes. Imperative mode is used when calls need to be evaluated at run time.

CAS has limitations, including the malfunctioning of an application moved to another system where the security policy is different. In addition, there is no control over unmanaged code and no control over the development of applications to cater to the needs of different scenarios of security settings on user systems.

To effectively use the fine-grained security technology of CAS, developers should write type-safe code, use declarative or imperative syntax based on context, request permissions from the runtime for code to run, and use secure libraries.


Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine. Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…