— New online course!  Getting Started with Azure DevOps — Special launch price 50% off —

Talk: “.NET Rights-based Security Development”, 1/5/2006

by

FYI…I’ll be speaking at the Boston Beantown.NET User Group on 1/5/2006 on “.NET Rights-based Security Development”.


Here’s the abstract:



The .NET security principal classes (WindowsPrincipal, GenericPrincipal) help you secure your application by checking if a user is a member of a “role”. For example, only members of “HR” role can view employee information. What if the requirements changed and now “HR” users can only view employee information for certain org units? A call to IsInRole() wouldn’t be enough because now you need the context of the org unit. Is this user a member of “HR” in the New York office? The solution is a rights-based security model. Rights-based security extends the traditional role-based security with the granularity of context-relevant securable actions. In this session, we will discuss the essentials of developing a rights-based security model in .NET, how to develop your own IPrincipal classes, and how to tie a rights-based security framework into the ASP.NET 2.0 membership features using a custom membership & role provider.


-Ben


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: