NGWS SDK Documentation  

This is preliminary documentation and subject to change.
To comment on this topic, please send us email at ngwssdk@microsoft.com. Thanks!

Limiting access by code identity

Some code may be secured by requiring that only code with a certain identity (per strong name, from a certain site, etc.) may call it. This approach effectively pushes the effort to secure access onto the specified caller, so is only as good as the precautions taken by the trusted caller. However, when implemented with declarative security the link-time demand (a simple demand with no run-time performance cost, see Link Demand), when sufficient, provides very good performance. Since link-time demand only looks at the immediate referencing code it is subject to a luring attack unless all possible code paths are suitably protected.