System.Security.Policy Namespace

System.Security.Policy 命名空间包含代码组、成员条件和证据。 The System.Security.Policy namespace contains code groups, membership conditions, and evidence. 这三种类型的类用于创建由公共语言运行时安全策略系统应用的规则。 These three types of classes are used to create the rules applied by the common language runtime security policy system. 证据类是安全策略的输入,而成员条件是开关;二者共同创建策略语句并确定授予的权限集。 Evidence classes are the input to security policy and membership conditions are the switches; together these create policy statements and determine the granted permission set. 策略级别和代码组是策略层次的结构。 Policy levels and code groups are the structure of the policy hierarchy. 代码组是规则的封装并且在策略级别中分层排列。 Code groups are the encapsulation of a rule and are arranged hierarchically in a policy level.

AllMembershipCondition

表示与所有代码匹配的成员条件。Represents a membership condition that matches all code. 此类不能被继承。This class cannot be inherited.

ApplicationDirectory

提供应用程序目录作为策略评估的证据。Provides the application directory as evidence for policy evaluation. 此类不能被继承。This class cannot be inherited.

ApplicationDirectoryMembershipCondition

通过测试程序集的应用程序目录确定该程序集是否属于代码组。Determines whether an assembly belongs to a code group by testing its application directory. 此类不能被继承。This class cannot be inherited.

ApplicationSecurityInfo

保存应用程序的安全证据。Holds the security evidence for an application. 此类不能被继承。This class cannot be inherited.

ApplicationSecurityManager

管理清单激活应用程序的信任决定。Manages trust decisions for manifest-activated applications.

ApplicationTrust

封装关于应用程序的安全决策。Encapsulates security decisions about an application. 此类不能被继承。This class cannot be inherited.

ApplicationTrustCollection

表示 ApplicationTrust 对象集合。Represents a collection of ApplicationTrust objects. 此类不能被继承。This class cannot be inherited.

ApplicationTrustEnumerator

表示 ApplicationTrustCollection 集合中的 ApplicationTrust 对象的枚举数。Represents the enumerator for ApplicationTrust objects in the ApplicationTrustCollection collection.

CodeConnectAccess

指定授予代码的网络资源访问权限。Specifies the network resource access that is granted to code.

CodeGroup

表示抽象基类,必须从该基类中导出代码组的所有实现。Represents the abstract base class from which all implementations of code groups must derive.

Evidence

定义组成对安全策略决策的输入的一组信息。Defines the set of information that constitutes input to security policy decisions. 此类不能被继承。This class cannot be inherited.

EvidenceBase

提供一个基类,要用作证据的所有对象都必须派生自该类。Provides a base class from which all objects to be used as evidence must derive.

FileCodeGroup

向符合成员条件的代码程序集授予权限以操作位于代码程序集中的文件。Grants permission to manipulate files located in the code assemblies to code assemblies that match the membership condition. 此类不能被继承。This class cannot be inherited.

FirstMatchCodeGroup

允许由代码组的策略声明和第一个匹配的子代码组的策略声明的联合来定义安全策略。Allows security policy to be defined by the union of the policy statement of a code group and that of the first child code group that matches. 此类不能被继承。This class cannot be inherited.

GacInstalled

确认一个代码程序集在全局程序集缓存 (GAC) 中以策略评估证据的形式产生。Confirms that a code assembly originates in the global assembly cache (GAC) as evidence for policy evaluation. 此类不能被继承。This class cannot be inherited.

GacMembershipCondition

通过测试程序集的全局程序集缓存成员资格,确定该程序集是否属于代码组。Determines whether an assembly belongs to a code group by testing its global assembly cache membership. 此类不能被继承。This class cannot be inherited.

Hash

提供有关程序集的哈希值的证据。Provides evidence about the hash value for an assembly. 此类不能被继承。This class cannot be inherited.

HashMembershipCondition

通过测试程序集的哈希值确定该程序集是否属于代码组。Determines whether an assembly belongs to a code group by testing its hash value. 此类不能被继承。This class cannot be inherited.

NetCodeGroup

向从其下载程序集的站点授予 Web 权限。Grants Web permission to the site from which the assembly was downloaded. 此类不能被继承。This class cannot be inherited.

PermissionRequestEvidence

定义表示权限请求的证据。Defines evidence that represents permission requests. 此类不能被继承。This class cannot be inherited.

PolicyException

当策略禁止代码运行时引发的异常。The exception that is thrown when policy forbids code to run.

PolicyLevel

表示公共语言运行时的安全策略级别。Represents the security policy levels for the common language runtime. 此类不能被继承。This class cannot be inherited.

PolicyStatement

表示描述权限和其他适用于具有特定证据集的代码的信息的 CodeGroup 的语句。Represents the statement of a CodeGroup describing the permissions and other information that apply to code with a particular set of evidence. 此类不能被继承。This class cannot be inherited.

Publisher

提供代码程序集的 Authenticode X.509v3 数字签名作为策略评估的证据。Provides the Authenticode X.509v3 digital signature of a code assembly as evidence for policy evaluation. 此类不能被继承。This class cannot be inherited.

PublisherMembershipCondition

通过测试程序集的软件发行者 Authenticode X.509v3 证书确定程序集是否属于代码组。Determines whether an assembly belongs to a code group by testing its software publisher's Authenticode X.509v3 certificate. 此类不能被继承。This class cannot be inherited.

Site

提供从其中产生代码程序集的网站作为策略评估的证据。Provides the Web site from which a code assembly originates as evidence for policy evaluation. 此类不能被继承。This class cannot be inherited.

SiteMembershipCondition

通过测试从其中产生程序集的站点确定该程序集是否属于代码组。Determines whether an assembly belongs to a code group by testing the site from which it originated. 此类不能被继承。This class cannot be inherited.

StrongName

提供代码程序集的强名称作为策略评估的证据。Provides the strong name of a code assembly as evidence for policy evaluation. 此类不能被继承。This class cannot be inherited.

StrongNameMembershipCondition

通过测试程序集的强名称确定该程序集是否属于代码组。Determines whether an assembly belongs to a code group by testing its strong name. 此类不能被继承。This class cannot be inherited.

TrustManagerContext

表示作出决定以运行应用程序时和为新的 AppDomain(要在其中运行应用程序)建立安全时,信任关系管理器要考虑的上下文。Represents the context for the trust manager to consider when making the decision to run an application, and when setting up the security on a new AppDomain in which to run an application.

UnionCodeGroup

表示一个代码组,该代码组的策略声明是当前代码组的策略声明和所有其匹配的子代码组策略声明的联合。Represents a code group whose policy statement is the union of the current code group's policy statement and the policy statement of all its matching child code groups. 此类不能被继承。This class cannot be inherited.

Url

提供从其中产生代码程序集的 URL 作为策略评估的证据。Provides the URL from which a code assembly originates as evidence for policy evaluation. 此类不能被继承。This class cannot be inherited.

UrlMembershipCondition

通过测试程序集的 URL 确定该程序集是否属于代码组。Determines whether an assembly belongs to a code group by testing its URL. 此类不能被继承。This class cannot be inherited.

Zone

提供代码程序集的安全区域作为策略评估的证据。Provides the security zone of a code assembly as evidence for policy evaluation. 此类不能被继承。This class cannot be inherited.

ZoneMembershipCondition

通过测试程序集的原始区域确定该程序集是否属于代码组。Determines whether an assembly belongs to a code group by testing its zone of origin. 此类不能被继承。This class cannot be inherited.

接口

IApplicationTrustManager

确定是否应执行应用程序以及应授予它哪个权限集。Determines whether an application should be executed and which set of permissions should be granted to it.

IIdentityPermissionFactory

定义创建新标识权限的方法。Defines the method that creates a new identity permission.

IMembershipCondition

定义测试以确定代码程序集是否是代码组的成员。Defines the test to determine whether a code assembly is a member of a code group.

枚举

ApplicationVersionMatch

指定在集合中查找应用程序信任时如何匹配版本。Specifies how to match versions when locating application trusts in a collection.

PolicyStatementAttribute

为代码组上的安全策略定义特殊的特性标志。Defines special attribute flags for security policy on code groups.

TrustManagerUIContext

指定信任关系管理器应该用于作出信任决定的用户界面 (UI) 类型。Specifies the type of user interface (UI) the trust manager should use for trust decisions.