Chapter 5. Evidence: Knowing Where Code Comes From
By Matthew Lyons
IN THIS CHAPTER
As explained in Chapter 4, “User- and Code-Identity–Based Security: Two Complimentary Security Paradigms,” code identity security is the basis of the security system in the .NET Framework. However, what does it really mean for some program to have an identity? How can the system assign identity to a given piece of code? These are the fundamental questions that this chapter addresses.
Users generally have a username and password to authenticate themselves to a computer, but that authentication process is active. That is, users log on by typing in their names and passwords. However, code for the .NET Framework cannot simply take an active part in authenticating itself. Instead, a trusted piece of the system must provide identification on behalf of code written on the .NET Framework. That is where evidence comes into play.
This chapter will cover:
What evidence is and how it is assigned to code
Evidence classes used in the .NET Framework base class library