Wednesday, August 14, 2013

C# - Security access in Object Oriented programing

When working in this architecture we have classes that inherited from different classes that could be located on external Dll or in the same solution. Sometimes we need to restrict the access for different classes, this article will explain the basic permissions we can use to develop our secured software.
Permission can be used on different types of objects, for example we can set permission on classes, methods or variables.
Permissions Basics:
Internal – every object (Class/Method) that we declare with as ‘Internal’ will allow access form every object that resides in the same namespace.
By default ‘Internal’ permission is set on every object if nothing else defined.
Public – From the name it’s cleared that it’s the less restricted permission, every objects set with this permission will allow access from every other solution.
Private - exactly the opposite from ‘Public’, this permission is the most restricted one. Access will allow only from the same class from different methods.
Protected - access will allow for objects from the same class and from all other classes inherited from it.
Why using different permissions?
Theoretically, it’s clear that if we set all objects with ‘Public’ permissions we have easy life. But in real world we never want to use it . First OOP allow us to set ‘Encapsulation’ architecture (Setting props with secured access).
Second, we want to set our application secured , by implementing a good security model we can restrict the user from access different pats in code, user can see only the object we want him to see.
Third, I mention the ‘Encapsulation’ architecture, using it we can always be sure that variables receive a valid values, user cannot insert invalid values that can cause defects in code.

No comments:

Post a Comment

My Presentations