Reference links about "Role-Based Security, Principal, and Identity" of .NET Framework

Here are some basic important links to explain the security concepts of Windows.


.NET Securiy Overview (Althought it applies to .NET Framework 1.1)
http://msdn.microsoft.com/en-us/library/aa302422.aspx

Security Policy Model:
http://msdn.microsoft.com/en-us/library/ck90k585.aspx

Security Permissions:
http://msdn.microsoft.com/en-us/library/5ba4k1c5(VS.80).aspx

1. Code Access Permissions: http://msdn.microsoft.com/en-us/library/h846e9b3(VS.80).aspx


2. Identity Permissions: http://msdn.microsoft.com/en-us/library/d3wktt6a(VS.80).aspx


3. Role-Based Security Permissions: http://msdn.microsoft.com/en-us/library/7sxk9k2h(VS.80).aspx

Introduction of Role-Based Security:
http://msdn.microsoft.com/en-us/library/shz8h065(VS.80).aspx

Introduction of Cose Access Security:
http://msdn.microsoft.com/en-us/library/c5tk9z76(VS.80).aspx

What is "Principal"?
http://msdn.microsoft.com/en-us/library/axt6w9h8(VS.80).aspx

Principal and Identity Objects:
http://msdn.microsoft.com/en-us/library/ftx85f8x(VS.80).aspx

The principal object encapsulates:

• An identity object: .NET Framework identity objects represent users.
• A role: Roles represent membership and securiy contexts. A SecurityContext object captures all security-related information for a logical thread, including the information contained in the WindowsIdentity and CompressedStack objects.

.NET Framework application grant rights to the principal based on its identiy or, more commonly, its role membership.

What is "Evidence"?
http://msdn.microsoft.com/en-us/library/7y5x1hcd(VS.80).aspx

Security Context:
http://msdn.microsoft.com/en-us/library/system.security.securitycontext(VS.80).aspx

Credentials Management:
http://msdn.microsoft.com/en-us/library/aa374789(VS.85).aspx