System.Security.Policy 命名空間

包含程式碼群組、成員資格條件和辨識項。 Contains code groups, membership conditions, and evidence. 這三種類別的型別用於建立由 Common Language Runtime 安全性原則系統套用的規則。 These three types of classes are used to create the rules applied by the common language runtime security policy system. 辨識項類別是安全性原則的輸入,而成員資格條件是參數;綜合這些要素,便可建立原則陳述式 (Statement) 並決定授與的使用權限集合。 Evidence classes are the input to security policy and membership conditions are the switches; together these create policy statements and determine the granted permission set. 原則層級和程式碼群組是原則階層架構的結構。 Policy levels and code groups are the structure of the policy hierarchy. 程式碼群組是規則的封裝 (Encapsulation),並在原則層級中以階層架構排列。 Code groups are the encapsulation of a rule and are arranged hierarchically in a policy level.

類別

AllMembershipCondition

表示符合所有程式碼的成員資格條件。Represents a membership condition that matches all code. 此類別無法獲得繼承。This class cannot be inherited.

ApplicationDirectory

提供應用程式目錄做為原則評估的辨識項。Provides the application directory as evidence for policy evaluation. 此類別無法獲得繼承。This class cannot be inherited.

ApplicationDirectoryMembershipCondition

藉由測試組件的應用程式目錄,判斷它是否屬於程式碼群組。Determines whether an assembly belongs to a code group by testing its application directory. 此類別無法獲得繼承。This class cannot be inherited.

ApplicationSecurityInfo

保留應用程式的安全性辨識項。Holds the security evidence for an application. 此類別無法獲得繼承。This class cannot be inherited.

ApplicationSecurityManager

管理啟動資訊清單的應用程式之信任決策。Manages trust decisions for manifest-activated applications.

ApplicationTrust

封裝關於應用程式的安全性決策。Encapsulates security decisions about an application. 此類別無法獲得繼承。This class cannot be inherited.

ApplicationTrustCollection

表示 ApplicationTrust 物件的集合。Represents a collection of ApplicationTrust objects. 此類別無法獲得繼承。This class cannot be inherited.

ApplicationTrustEnumerator

代表 ApplicationTrustCollection 集合中 ApplicationTrust 物件的列舉程式。Represents the enumerator for ApplicationTrust objects in the ApplicationTrustCollection collection.

CodeConnectAccess

指定要授與程式碼的網路資源存取權限。Specifies the network resource access that is granted to code.

CodeGroup

表示抽象基底類別,程式碼群組之所有實作 (Implementation) 必須從它衍生。Represents the abstract base class from which all implementations of code groups must derive.

Evidence

定義構成安全性原則決策輸入的資訊集。Defines the set of information that constitutes input to security policy decisions. 此類別無法獲得繼承。This class cannot be inherited.

EvidenceBase

提供基底類別,所有要做為辨識項使用的物件都必須衍生自該類別。Provides a base class from which all objects to be used as evidence must derive.

FileCodeGroup

將管理位於程式碼組件 (Assembly) 上檔案的使用權限授權給符合成員資格條件的程式碼組件。Grants permission to manipulate files located in the code assemblies to code assemblies that match the membership condition. 此類別無法獲得繼承。This class cannot be inherited.

FirstMatchCodeGroup

允許由程式碼群組和第一個相符子程式碼群組的原則陳述式聯合定義安全性原則。Allows security policy to be defined by the union of the policy statement of a code group and that of the first child code group that matches. 此類別無法獲得繼承。This class cannot be inherited.

GacInstalled

請確認全域組件快取 (GAC) 中有產生程式碼組件,以做為原則評估的辨識項。Confirms that a code assembly originates in the global assembly cache (GAC) as evidence for policy evaluation. 此類別無法獲得繼承。This class cannot be inherited.

GacMembershipCondition

藉由測試組件的全域組件快取成員資格,決定組件是否屬於程式碼群組。Determines whether an assembly belongs to a code group by testing its global assembly cache membership. 此類別無法獲得繼承。This class cannot be inherited.

Hash

提供組件 (Assembly) 雜湊值 (Hash Value) 的相關辨識項。Provides evidence about the hash value for an assembly. 此類別無法獲得繼承。This class cannot be inherited.

HashMembershipCondition

測試組件的雜湊值 (Hash Value) 藉此判斷組件是否屬於程式碼群組。Determines whether an assembly belongs to a code group by testing its hash value. 此類別無法獲得繼承。This class cannot be inherited.

NetCodeGroup

將 Web 使用權限授權給下載組件的來源站台。Grants Web permission to the site from which the assembly was downloaded. 此類別無法獲得繼承。This class cannot be inherited.

PermissionRequestEvidence

定義表示使用權限要求的辨識項。Defines evidence that represents permission requests. 此類別無法獲得繼承。This class cannot be inherited.

PolicyException

當原則禁止程式碼執行時所擲出的例外狀況。The exception that is thrown when policy forbids code to run.

PolicyLevel

表示 Common Language Runtime 的安全性原則層級。Represents the security policy levels for the common language runtime. 此類別無法獲得繼承。This class cannot be inherited.

PolicyStatement

表示 CodeGroup 的陳述式,描述以特定辨識項 (Evidence) 集合套用至程式碼的使用權限和其他資訊。Represents the statement of a CodeGroup describing the permissions and other information that apply to code with a particular set of evidence. 此類別無法獲得繼承。This class cannot be inherited.

Publisher

提供程式碼組件的 Authenticode X.509v3 數位簽章做為原則評估的辨識項。Provides the Authenticode X.509v3 digital signature of a code assembly as evidence for policy evaluation. 此類別無法獲得繼承。This class cannot be inherited.

PublisherMembershipCondition

藉由測試組件的軟體發行者 (Publisher) 的 Authenticode X.509v3 憑證,判斷組件是否屬於程式碼群組。Determines whether an assembly belongs to a code group by testing its software publisher's Authenticode X.509v3 certificate. 此類別無法獲得繼承。This class cannot be inherited.

Site

提供程式碼組件的來源網站做為原則評估的辨識項。Provides the Web site from which a code assembly originates as evidence for policy evaluation. 此類別無法獲得繼承。This class cannot be inherited.

SiteMembershipCondition

藉由測試組件的來源站台,判斷該組件是否屬於程式碼群組。Determines whether an assembly belongs to a code group by testing the site from which it originated. 此類別無法獲得繼承。This class cannot be inherited.

StrongName

提供程式碼組件的強式名稱做為原則評估的辨識項。Provides the strong name of a code assembly as evidence for policy evaluation. 此類別無法獲得繼承。This class cannot be inherited.

StrongNameMembershipCondition

藉由測試組件的強式名稱 (Strong Name),判斷組件是否屬於程式碼群組。Determines whether an assembly belongs to a code group by testing its strong name. 此類別無法獲得繼承。This class cannot be inherited.

TrustManagerContext

表示在決定是否執行應用程式,以及在執行應用程式的新 AppDomain 上設定安全性時,信任管理員要考慮的內容。Represents the context for the trust manager to consider when making the decision to run an application, and when setting up the security on a new AppDomain in which to run an application.

UnionCodeGroup

表示程式碼群組,它的原則陳述式是目前程式碼群組原則陳述式和其所有相符子程式碼群組原則陳述式的聯合。Represents a code group whose policy statement is the union of the current code group's policy statement and the policy statement of all its matching child code groups. 此類別無法獲得繼承。This class cannot be inherited.

Url

提供程式碼組件的來源 URL 做為原則評估的辨識項。Provides the URL from which a code assembly originates as evidence for policy evaluation. 此類別無法獲得繼承。This class cannot be inherited.

UrlMembershipCondition

測試 URL,判斷組件是否屬於程式碼群組。Determines whether an assembly belongs to a code group by testing its URL. 此類別無法獲得繼承。This class cannot be inherited.

Zone

提供程式碼組件的安全性區域 (Security Zone) 做為原則評估的辨識項。Provides the security zone of a code assembly as evidence for policy evaluation. 此類別無法獲得繼承。This class cannot be inherited.

ZoneMembershipCondition

藉由測試組件的來源地區,判斷組件是否屬於程式碼群組。Determines whether an assembly belongs to a code group by testing its zone of origin. 此類別無法獲得繼承。This class cannot be inherited.

介面

IApplicationTrustManager

判斷是否應執行應用程式,以及應授與該應用程式的使用權限集合。Determines whether an application should be executed and which set of permissions should be granted to it.

IIdentityPermissionFactory

定義建立新識別 (Identity) 使用權限的方法。Defines the method that creates a new identity permission.

IMembershipCondition

定義要判斷程式碼組件 (Assembly) 是否為程式碼群組成員的測試。Defines the test to determine whether a code assembly is a member of a code group.

列舉

ApplicationVersionMatch

指定如何在集合中尋找應用程式信任時比對版本。Specifies how to match versions when locating application trusts in a collection.

PolicyStatementAttribute

定義程式碼群組安全性原則的特殊屬性 (Attribute) 旗標。Defines special attribute flags for security policy on code groups.

TrustManagerUIContext

指定信任管理員應該用於信任決策的使用者介面 (UI) 型別。Specifies the type of user interface (UI) the trust manager should use for trust decisions.