Securing Your Provider
Writing a secure provider requires considering how the provider is hosted, how the provider handles impersonation, and ensuring that users are checked for access rights to data. You can secure the data in your provider namespace by requiring that data be encrypted authentication before sending it over a network. For more information, see Requiring an Encrypted Connection to a Namespace.
If a user has FULL_WRITE access in any namespace, then the user can create cross-namespace subscriptions for data in a namespace in which the user is restricted. Because a provider can be loaded into any namespace and be executing in any security context, the provider should perform its own access checks to ensure that only authorized users are allowed access to data or to execute methods. For more information, see Performing Access Checks.
The following topics discuss provider security:
- Provider Hosting and Security
- Performing Access Checks
- Registry Keys for Controlling Provider Security
- Access to WMI Namespaces
- Impersonating a Client
The following topics discuss how clients and scripts interact with provider security:
- Setting Authentication in WMI
- Connecting Between Different Operating Systems
- Setting the Default Process Security Level Using VBScript
- Setting Client Application Process Security