Click here to Skip to main content
15,881,812 members
Articles / Programming Languages / C#

The .NET Framework Security Model

Rate me:
Please Sign up or sign in to vote.
4.29/5 (10 votes)
28 Apr 20061 min read 57.1K   43   3
An article on the .NET framework security model.


When I was first faced with the .NET Framework security and cryptography fist, I noticed that most of the quick-start articles sufferes from lots of low-level details and explanations of the nuts and bolts of .NET Framework Security.

But for the first time, I needed a brief, easy to understand and remember tutorial, instead. So, actually this is not an article. This is rather a bird's-eye overview of the .NET Framework security model, with visual illustrations.

Security concepts

You can implement the security model in your applications in a declarative and/or an imperative way. In most cases, you should prefer declarative security, and implement the security model only when some application security issues can be known only at runtime.

Image 1

Sample of declarative security:

[assembly : FileDialogPermissionAttribute(

Sample of imperative security:

FileDialogPermission fileDlgPermission = new 

if (myDlgForm.ShowDialog() == DialogResult.OK)

.NET Framework Security Model

Image 2

Code Access Security (CAS)

Image 3


Image 4

Code groups

Image 5

CLR examines all code groups in the hierarchy. When the code group is marked as Exclusive, then the CLR stops checking for group membership. Next, the CLR determines the permission sets for each code group. If the code is a member of the code group that is marked as Exclusive, only the permission set of that code group is taken into account, otherwise the CLR calculates the permission as a Union of all permission sets of all code groups that the running code is a member of.

Computing Permissions

Image 6

Any code group can have a LevelFinal property; in that case, the CLR stops its examinations there.


This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here

Written By
Web Developer
Ukraine Ukraine

Comments and Discussions

GeneralMy vote of 3 Pin
Anirudha_Gohokar16-Mar-12 4:00
Anirudha_Gohokar16-Mar-12 4:00 
GeneralTurn Security Off Pin
buyValu18-Jun-07 10:21
buyValu18-Jun-07 10:21 
How do I turn this stupid security off? All of it! Every single hint of it! I can't even write code unless I put everything on my workstation. I'll worry about security after I get the code written. Microsoft documentation is worse than useless and it would take days of searching the net to become proficient at administrating it. In the meantime I could have written a few thousand lines of code. The app I'm writing isn't even network aware.
GeneralComponent level security Pin
Marc Clifton28-Apr-06 9:36
mvaMarc Clifton28-Apr-06 9:36 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.