NGWS SDK Documentation  

This is preliminary documentation and subject to change.
To comment on this topic, please send us email at ngwssdk@microsoft.com. Thanks!

Permissions

The NGWS runtime allows code to perform only those operations that the code has "permission" to perform. To implement its mechanism for enforcing restrictions on managed code, the runtime uses objects called permissions. The primary uses of permissions are as follows: code can request the permissions it needs to access resources or perform operations; the runtime can grant permissions to code, based on characteristics of the code's identity, on what permissions were requested, and on how much the code is trusted; and code can demand that its callers have specific permissions. For more information about how the runtime decides which permissions to grant, see Security Policy and Permission Grants.

There are three kinds of permissions, each of which has a specific purpose:

The runtime provides built-in permission classes in the System.Security.Permissions namespace and also supplies support for designing and implementing custom permission classes.