This article has been excerpted from book "The Complete Visual C# Programmer's Guide" from the Authors of C# Corner.Although you briefly encountered the concept of evidence in the earlier discussion of code groups, let's expand the concept here. Evidence is information that the CLR uses to make decisions regarding security policy. The CLR decides that the code has particular membership to a code group depending on evidence gathered about the code. Evidence can include digital signatures and the location where code originates. Although the following list of all evidence types looks much like the list of coding groups, the two serve totally different purposes.
Other than the different types of evidence shown above (Application directory, Hash, Publisher, Site, Strong name, URL, Zone), application-defined or system-defined evidence can also be provided to the runtime by trusted application domain hosts. CLR uses this system-defined evidence to evaluate enterprise, machine, user policy and an application domain policy for assemblies and return the set of permissions to grant to the assembly or application domain. Objects of any type that are recognized by security policy represent evidence. Let us look at an example of examining the evidence contained in an assembly. Listing 22.3 displays the evidence that is passed to the security system for the mscorlib.dll assembly. The .NET Framework generates a permission set for the assembly based on security policy using the evidence according to policy files adjusted by administrators. Listing 22-3: Outputting Evidence from an Assembly using System;using System.Reflection;using System.Security.Policy;using System.Collections;public class XMLApp{ public static void Main(String[] args) { try { // temporary Int64 object Int64 bigint1 = new Int64(); // get the target class type Type mytype = bigint1.GetType(); // get the assembly which hosts the Integer type. Assembly myassembly = Assembly.GetAssembly(mytype); Evidence myevidence = myassembly.Evidence; Console.WriteLine("How many evidences? " + myevidence.Count +"\r\n"); IEnumerator ienum = myevidence.GetEnumerator(); while (ienum.MoveNext()) { Console.WriteLine(ienum.Current); } /* The listing will output: How many evidences? 4 <System.Security.Policy.Zone version="1"> <Zone>MyComputer</Zone> </System.Security.Policy.Zone> <System.Security.Policy.Url version="1"> <Url>file://C:/windows/microsoft.net/framework/v1.0.3705/ mscorlib.dll</Url> </System.Security.Policy.Url> <StrongName version="1" Key="00000000000000000400000000000000" Name="mscorlib" Version="1.0.3300.0"/> <System.Security.Policy.Hash version="1"> <RawData> ............................. ............................. ............................. </RawData> </System.Security.Policy.Hash> */ } catch (Exception e) { Console.WriteLine("Exception: {0}", e.ToString()); } }}ConclusionHope this article would have helped you in understanding Evidence in C#. See other articles on the website on .NET and C#.
You need to be a premium member to use this feature. To access it, you'll have to upgrade your membership.
Become a sharper developer and jumpstart your career.
$0
$
. 00
monthly
For Basic members:
$20
For Premium members:
$45
For Elite members: