NGWS SDK Documentation  

This is preliminary documentation and subject to change.
To comment on this topic, please send us email at ngwssdk@microsoft.com. Thanks!

Using Secure Class Libraries

A secure library is a class library in which security demands are used to ensure that the library's callers have permission to access the resources that the library exposes. For example, a secure class library might have a method for creating files and that method would demand that its callers have permissions to create files. The NGWS Frameworks comprises secure class libraries.

If you use a secure library to access resources, you don’t have to worry that your code might expose security weaknesses by accessing those resources. If your code requests and is granted the permissions that are required by the class library, your code will be allowed to access the library and the resource will be protected from unauthorized access; if your code doesn’t have the appropriate permissions, it will not be allowed to access the class library, and malicious code will not be able to use your code to indirectly access the resource.

Code access security doesn't eliminate the possibility of human error in writing code; however, if applications use secure class libraries to access protected resources, security risk for application code is decreased because class libraries are closely scrutinized for potential security problems.