Re: Security Model
From: Z D (NOSPAM_at_NOSPAM.com)
Date: 05/03/04
Date: Mon, 3 May 2004 11:42:46 -0400
Hi Daniel,
Thanks for responding.
I actually came across the App Security & Profile block just a few minutes
ago searching on MSDN. It seems very interesting and I may be able to
modify/learn from it. I did notice however that it's based only on Roles
instead of ACL type access. Not sure if that will be a big deal, I will look
into it.
Thanks again!
-ZD
"Daniel Jin" <anonymous@discussions.microsoft.com> wrote in message
news:4794D59B-0B9F-416C-AFEC-CA618DFC3055@microsoft.com...
> a few existing options you have.
>
> 1. check out role based security in .NET.
> 2. check out Authorization Manager, or AzMan, which is COM based, you can use through Interop.
> 3. check out Microsoft Application Security and Profile Block.
> 4. after reading those, you still feel they are not good enough, then you can roll your own by using them as a template
>
> sorry I don't keep links around, but a quick search on MSDN will guide you in the right direction.
>
> ----- Z D wrote: -----
>
> Good Morning,
>
> I was looking for some feedback, guidance, input, comments, suggestions or
> just general thoughts on the following:
>
> For our internal development, I'm trying to create a general, reusable
> security framework that is very flexible. It would have to handle both
> Authentication and Authorization. The access levels allowed on each 'object'
> would be: View/Edit/Read/Write.
>
> Essentially, the first thought that came to mind was to model it after the
> way ACLs work in Windows NTFS. This way, I have the flexibility to assign
> View/Edit/Read/Write permissions to each button, form, or any other
> object/grouping of objects available in any given application.
>
> Unfortunately, all I know about the way ACLs work is what I see as an end
> user. I'm assuming each 'object' gets some form of a unique identifier
> (guid?). Each user in the system is then linked to a guid along with an
> access level (Read, write, etc). This info is stored in a database/xml
> file/wherever. Is this a valid approach?
>
> ***The question then becomes: How do I do this in an efficient & elegant
> manner? I don't want to have to put an IF statement around each and every
> button, form or object access!
>
> How do you guys do it? Are there any resources, other people that have
> done/attempted something like this in the past?
>
> thanks in advance!
> -ZD
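The model discussed in this thread (objects identified by GUID, access entries per user, no IF around each control), combined with the .NET role-based principal mentioned in the reply, shown as an added example that is not part of the original messages. The names Securable, Acl and Rights, the mapping of View/Edit onto visible/enabled, and the sample user and role are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Principal;

// Constructed sample data: two controls and one user who is in the "Clerks" role.
var save = new Securable { Id = Guid.NewGuid() };
var delete = new Securable { Id = Guid.NewGuid() };
var acl = new Acl();
acl.Grant(save.Id, "Clerks", true, Rights.View | Rights.Edit);   // entry for a role
acl.Grant(delete.Id, "alice", false, Rights.View);               // entry for one user
IPrincipal alice = new GenericPrincipal(new GenericIdentity("alice"), new[] { "Clerks" });
acl.Apply(new[] { save, delete }, alice);
Console.WriteLine($"save: visible={save.Visible} enabled={save.Enabled}");
Console.WriteLine($"delete: visible={delete.Visible} enabled={delete.Enabled}");

[Flags] public enum Rights { None = 0, View = 1, Edit = 2, Read = 4, Write = 8 }
// Hypothetical stand-in for a button, form or other protected object.
public sealed class Securable { public Guid Id; public bool Visible, Enabled; }

public sealed class Acl
{
    // One entry per (object, trustee); a trustee is a user name or a role name.
    private readonly List<(Guid Obj, string Trustee, bool IsRole, Rights Allowed)> _aces = new();

    public void Grant(Guid obj, string trustee, bool isRole, Rights allowed) =>
        _aces.Add((obj, trustee, isRole, allowed));

    // Union of matching entries; no matching entry means no access (default deny).
    public Rights Effective(Guid obj, IPrincipal user)
    {
        var result = Rights.None;
        foreach (var ace in _aces)
            if (ace.Obj == obj && (ace.IsRole ? user.IsInRole(ace.Trustee)
                : string.Equals(user.Identity?.Name, ace.Trustee, StringComparison.OrdinalIgnoreCase)))
                result |= ace.Allowed;
        return result;
    }

    // Single enforcement point, no IF per control. Assumed: View = visible, Edit = enabled.
    public void Apply(IEnumerable<Securable> items, IPrincipal user)
    {
        foreach (var item in items)
        {
            Rights r = Effective(item.Id, user);
            item.Visible = (r & Rights.View) != 0;
            item.Enabled = (r & Rights.Edit) != 0;
        }
    }
}
```

Hiding or disabling a control only shapes the UI; the operation behind it should call `Effective` as well and refuse when the required right is missing.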