This assignment document will be distributed from Blackboard assignment folder. Some parts of the assignments will require you to research answers from your text book (you must read the text book to get some answers), from the Internet, or any other reasonable source.

After reviewing Internet sources that may be used help you prepare answers, I have found that any single Internet source is very incomplete and the format is not conducive for most answers required.  You may cut-and-paste answers whenever appropriate, you should take care to synthesize your answers to include multiple sources. I would be impressed that you consult a Google image search and paste and appropriate image to supplement your answer.

Since the quiz and test questions are based on your researched answers, I would recommend that you refer to any quiz questions on the assignment topics to ensure that your assignment answer is complete. Quiz answers will NOT be provided to you unless 75% of your answers from practice attempts are correct.

Please place your name in the beginning of this document and "Save As" this document using a new name that includes your name and the assignment number.

When completed, submit the FINAL version of this document to Blackboard under the Assignment folder for this individual assignment. This document will only be accepted by Blackboard, not by email or other form of submission.

1.1 Explain the following concepts in .NET.

1.2 Explain the functional and conceptual differences between User-based (principal) permissions and Code Access Permissions.

1.3 What are the advantages of using Permission Sets?

1.4 What are the advantages of using Code Groups?

1.5 What type of information is stored in an Identify object?

1.6 Principals execute code, not identities. Why is that?

PrincipalPermission and CodeAccessPermissions are "two derived implemenationtion classes of IPermission". As you may recall the function of "Implementation" in OOPL is to implement or code a interface that has been pre-written for you. The IPermission Interface provides several public methods that you can use, e.g., demand, union (is the principal either this or that?), intersect, etc,

1.7 What is the purpose of the PrincipalPermission Class when used for .NET User-based Security?

1.8 What is the conceptual difference between WindowsPrincipal and PrincipalPermission?

1.9 There are many more permissions to master for CodeAccessPermissions. After reviewing Page 205, 252-255 explain the conceptual use of FileIOPermissions.  

1.10 The operating system and NTFS is in charge of file permissions, yet there are FileIOPermissions attributes in .NET. Does this mean that .NET can override or change Windows NTFS permissions? Why does not .NET use FileIOPermissions?

1.11 The .NET IPermission interface provides public methods to implement permission checking and other permission operations. The most frequently used method is the Demand method. Describe how the demand method works.

1.12 Before the Demand method can be used which type of object needs to be instantiated before User-based security can be tested?

1.13 Before the Demand method can be used which type of object needs to be instantiated before Code-based security can be tested?

1.14 .NET provides various identity implementation classes for various authentication protocols. Describe and give an example or each

1.15 Which .NET identity types would most likely be used in cookie-based application authentication?

1.18 Which .NET identity types would most likely be used for web services and environments that require single-sign-on (SSO)?

1.19 Which .NET identity types would most likely incur and fee for its use?

1.20 Which .NET identity types would most likely be used to support eCommerce applications?