調調 asked in 社會與文化語言 · 1 decade ago

幫忙把英文翻成中文一下

Understanding .NET Security

Many of the .NET Framework configuration features have something to do with security. Anyone

familiar with Windows security understands that everything focuses on the user and that the user

always has the same rights no matter where the user accesses the system. The problem with this

approach is that modern viruses, adware, spyware, and crackers don’t just attack the user; they also

attack the code. Because Windows doesn’t secure the code, these nefarious elements can trick the code

into doing things that it wouldn’t normally do and create holes in security as a result. For example, the

code might request access to a file when it normally doesn’t do anything with files. The code could also

make a remote request, despite the fact that it doesn’t provide remote capabilities.

When working with .NET security, you must consider three elements. First, you need to consider

the user’s role. The role considers the user’s activity and you can define activity based on a computing

need. The role can also change as the user’s computing requirements change. Second, you must con-

sider the zone from which a request originates. A local request is far less likely to have security impli-

cations than one that comes from the Internet. By changing security to meet the requirements of a

particular zone, you can ensure that Internet requests never access a file on the system even though

local requests from the same party can. Third, it’s important to secure the code. An application that

doesn’t normally handle files should never have the right to do anything with a file. Even if the appli-

cation has a security hole and a cracker exploits that hole, if CLR determines that the code can’t access

a file the cracker wants, the cracker hasn’t gained anything. The following sections discuss these three

elements in detail.

1 Answer

Rating
  • Favorite Answer

    理解。網絡安全許多。網絡框架配置特點與安全有關。 任何人熟悉窗口安全瞭解一切集中於用戶,并且用戶總有同樣權利,不管哪裡用戶存取系統。 問題與此方法是現代病毒, 廣告商品, 間諜商品, 并且薄脆餅乾僅不攻擊用戶; 他們也攻擊代碼。 由於窗口不獲取代碼, 這些惡毒元素可能欺騙代碼入做結果它在安全通常不會做并且不會創造孔的事。例如, 當它通常不做什麼與文件時,代碼也許請求對文件的通入。 代碼能也做一個遙遠的請求, 竟管它不提供遙遠的能力。 當工作與時。網絡安全, 您必須考慮三個元素。 首先,您需要考慮用戶角色。 角色考慮用戶的活動,并且您能定義根據計算的活動需要。 當用戶的計算的要求改變,角色可能也改變。 其次, 您必須精讀sider請求發源的區域。 一個地方請求比來自互聯網的一个是遠較不可能有安全impli-正離子。 通過改變安全遇見一個特殊區域的要求, 您能保證互聯網在系統從未請求通入一個文件,即使地方請求從同一個黨能。 第三, 獲取代碼是重要的。 應用那通常不處理文件應該從未有權利做任何東西與文件。 即使appli-正離子有安全孔和鑽孔的薄脆餅乾盤剝, 如果CLR確定代碼不可能訪問文件薄脆餅乾要, 薄脆餅乾未獲取什麼。 以下部分詳細談論這三個元素。

    Source(s): ----------------
Still have questions? Get your answers by asking now.