Implementing Role Based Security using C#
Role Based Security (RBS) is part of Microsoft's effort to improve the security of its products and developer tools. It involves granting permissions based on a user's role(s) and groups as defined in their Windows account. It increases your chances of preventing unwanted access to or behavior of your application.
It is no secret that Microsoft has taken its lumps for security “issues” in its operating systems, Internet Explorer, ActiveX controls and IIS. To address the issue, Microsoft is mounting a Herculean effort, with people, time and money, to dramatically improve the overall security landscape of its products and developer tools. The best place to find the latest developer security information is the MSDN Security Developer Center. There you’ll find links to the essential security articles that should be required reading for every developer:
Improving Web Application Security: Threats and Countermeasures
Building Secure ASP.NET Applications
Security Tips Every Developer Must Know
Security in the .NET Framework
The area I’d like to explore in this article is coding for Role Based Security (RBS). Role Based Security involves granting permissions based on a user’s role(s) and groups as defined in their Windows account. As a developer, you can restrict access to parts of your application according to the user’s account settings. No security scheme is perfect, but by implementing multiple levels of security you increase your chances of preventing unwanted access to, or unwanted behavior of, your application.
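As an added example (not code from the original article), here is a small deny-by-default gate in C# that restricts application operations according to the Windows groups of the account running the process. The operation names, the RoleGate class and the CONTOSO\Finance-Approvers group are constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Security;
using System.Security.Principal;

static class RoleGate
{
    // Hypothetical mapping of application operations to the Windows groups allowed to run them.
    static readonly Dictionary<string, string[]> RequiredRoles =
        new Dictionary<string, string[]>(StringComparer.OrdinalIgnoreCase)
        {
            { "ViewReport",    new[] { @"BUILTIN\Users" } },
            { "ApprovePayout", new[] { @"CONTOSO\Finance-Approvers" } }, // constructed group name
            { "EditSettings",  new[] { @"BUILTIN\Administrators" } },
        };

    public static bool IsAllowed(IPrincipal user, string operation)
    {
        // Deny by default: unauthenticated callers and unmapped operations get nothing.
        if (user == null || user.Identity == null || !user.Identity.IsAuthenticated) return false;
        if (!RequiredRoles.TryGetValue(operation, out string[] roles)) return false;
        foreach (string role in roles)
            if (user.IsInRole(role)) return true;
        return false;
    }

    // Call at the top of a protected code path; throws instead of returning a flag
    // so a forgotten return-value check cannot silently grant access.
    public static void Demand(IPrincipal user, string operation)
    {
        if (!IsAllowed(user, operation))
            throw new SecurityException("Access denied for operation '" + operation + "'.");
    }
}

static class Program
{
    static void Main()
    {
        // The principal is built from the Windows account running the process (Windows only).
        var user = new WindowsPrincipal(WindowsIdentity.GetCurrent());
        foreach (string op in new[] { "ViewReport", "ApprovePayout", "EditSettings", "DeleteEverything" })
            Console.WriteLine("{0,-18} {1}", op, RoleGate.IsAllowed(user, op) ? "allowed" : "denied");
    }
}
```

With UAC enabled, a non-elevated process started by an administrator reports false for BUILTIN\Administrators, so the EditSettings check reflects the process token rather than the account's full group list.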
More By Victor Stachura