What is CAS, evidence, permission set & code groups?

CAS-Code Access Security is a security model which grants or deny permissions to your Assemblies depending on Evidences (like from where the code comes from. Is the code come from internet or has it comes from valid publisher or other source)

How CAS works-

Before executing any assembly CAS collects the  Evidence Values(publisher, source of assembly, does it have strong name) about that assembly and depending on the Evidence values it start assigning permissions to the assembly via Permission set(Permission Set is the collection of permission).

Code Groups- Code Groups are collection of permission that is allocated to an Assembly as per the Evidence values.

We can apply CAS on any assembly using “caspol” to run this go to your Visual Studio Command Prompt and run “caspol”. But because it is very difficult to work through “caspol” we will use .Net framework 2.0 configuration tool for CAS.

To see what kind of permissions an assembly has- right click on runtime security policy from the left hand side tree and select Evaluate Assembly…

To create a permission set-right click on Permission Sets and add new permission set and add permissions as per you.

To change to Code Group-right click on particular code group and change the permission set as per you.

Problems with CAS-

1. Appling CAS is not an easy task.

2. Deployment of code require CAS Setup again

3. CAS doesn’t work on unmanaged code.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s