Posts Tagged ‘study guide’

Interoperation - 70-536 Study Guide: Key Terms

Monday, November 3rd, 2008

CLS-compliant Exception – Any exception object managed by the .NET Framework. All CLS-compliant exceptions derive from the System.Exception hierarchy. CLS stands for Common Language Specification.

COM (Component Object Model) – Prior to .NET, COM was the fundamental development framework from Microsoft.

COM Callable Wrapper (CCW) – A proxy class that sits between a .NET assembly and a COM component and that allows the COM component to consume the .NET assembly.

Interoperation, interop – Managed and unmanaged code working together.

Managed Code – Code that is managed by the .NET Framework runtime.

Marshaling – Moving type data across different execution environments.

Memory Leak – The problem of resource leakage related to memory that is not reclaimed.

Platform Invoke – A mechanism used to call unmanaged code from managed code.

Runtime Callable Wrapper (RCW) – A proxy class that sits between a COM component and a .NET assembly and that allows the .NET assembly to consume the component.

Type Library Exporter – A tool used to export a .NET type to COM

Type Library Importer - A tool used to import a COM type into .NET

Type Safety – Verification of a given type so that mismatches cannot occur.


Instrumentation - 70-536 Study Guide: Key Terms

Monday, November 3rd, 2008

Attribute – A specific class type in the .NET framework that allows for declarative binding of code.

Debug – A specific constant defined in an application that allows debugger objects to be attached to code.

Debugger – A class that provides access to the default debugger attached to an application.

Event log – A mechanism that allows an application to record information about its state and persist it permanently.

Management Query – A request for information about a Windows Management Instrumentation object.

Performance Counter – A mechanism to measure performance of code that is executing.

Process – An application that is currently running. Processes allow for resource isolation.

StackTrace – An ordered collection of one or more StackFrame objects.

Windows Management Instrumentation – A technology that provides access to information about objects in a managed environment.


Installing and Configuring Applications - 70-536 Study Guide: Key Terms

Monday, November 3rd, 2008

Application Setting – A custom setting that the application reads, writes, or both.

Configuration Management – The practice of handling and managing how an application is set up and configured.

Connection String – A specific value used by an application to connect to a given database. All ODBC and OleDb compliant databases use a connection string. For security, connection strings should always be encrypted.

.NET Framework 2.0 Configuration Tool (Mscorcfg.msc) – A tool provided by the .NET framework that allows visual configuration and management of applications and assemblies.
http://msdn.microsoft.com/en-us/library/2bc0cxhc(VS.80).aspx

Roll back – An action taken in cases where an installation does not complete successfully. To roll back means to undo any changes made up until the point of failure so that the machine is returned to the state it was in prior to the installation attempt.

Uninstall – Getting rid of any remnants of an application so that the machine looks identical to how it would have had the application never been installed.


Application Domains and Services - 70-536 Study Guide: Key Terms

Monday, November 3rd, 2008

Application domain – A logical container that allows multiple assemblies to run within a single process, while preventing them from directly accessing another assembly’s memory.

Assembly evidence – Evidence that an assembly presents that describes the assembly’s identity, such as the hash, the publisher, or the strong name.

Defense-in-depth – The security principle of providing multiple levels of protection so that your system is still protected in the event of a vulnerability.

Evidence – The way an assembly is identified, such as the location where the assembly is stored, a hash of the assembly’s code, or the assembly’s signature. The information that the runtime gathers about an assembly is then used to determine which code groups the assembly belongs to. The code groups, in turn, determine the assembly’s privileges.

LocalService – A service account that runs with very limited privileges.

LocalSystem – A service account that runs with almost unlimited privileges.

NetworkService – A service account that is capable of authenticating to remote computers.

Service – A process that runs in the background, without a user interface, in its own user session.


Threading - 70-536 Study Guide: Key Terms

Monday, November 3rd, 2008

Threading in C#
http://www.albahari.com/threading/
C# Programmer’s Reference Threading Tutorial
http://msdn.microsoft.com/en-us/library/aa645740(VS.71).aspx

Summary:
The advantage of threading is the ability to create applications that use more than one thread of execution. For example, a process can have a user interface thread that manages interactions with the user and worker threads that perform other tasks while the user interface thread waits for user input.

Code Example (C#):

using System;
using System.Threading;

class ThreadingExample
{
    static void Main(string[] args)
    {
        // Both threads run the same method
        ThreadStart starter = new ThreadStart(counting);
        Thread first = new Thread(starter);
        Thread second = new Thread(starter);

        first.Start();
        second.Start();

        // Block until both worker threads have finished
        first.Join();
        second.Join();

        Console.Read();
    }

    static void counting()
    {
        for (int i = 1; i <= 10; i++)
        {
            Console.WriteLine("Count: {0} - Thread: {1}", i, Thread.CurrentThread.ManagedThreadId);
            Thread.Sleep(10);
        }
    }
}

Asynchronous Programming Model – A pattern of working with specific types of .NET classes that use Begin/End method pairs to provide asynchronous execution of certain methods.

Thread – A single synchronous line of execution of code.

Mutex - A synchronization primitive that can also be used for interprocess synchronization. Used to synchronize threads.
http://msdn.microsoft.com/en-us/library/system.threading.mutex.aspx

Semaphore - Limits the number of threads that can access a resource or pool of resources concurrently. Used to throttle threads.
http://msdn.microsoft.com/en-us/library/system.threading.semaphore.aspx

Timer – A basic object that fires an asynchronous call to a method based on time. There are three Timer classes: System.Threading.Timer, System.Windows.Forms.Timer and System.Timers.Timer.

Windows Kernel Objects – Operating system provided mechanisms that perform cross process synchronization. These include mutexes, semaphores, and events.


Framework Fundamentals - 70-536 Study Guide: Key Terms

Thursday, October 16th, 2008

Boxing – Enabling a value type to be treated as an object.
Code Example (C#):

//Boxing
int a = 123;
object b = (object)a;  // boxing

//Unboxing
b = 123;
a = (int)b;  // unboxing

Cast – A conversion from one type to another.
Code Example (C#):

double a = 1.3425;
int b;
b = (int)a; //Cast double to an int

Constraint – A condition on a type parameter that restricts the type argument you can supply for it. A constraint can require that the type argument implement a specific interface, be or inherit from a specific class, have an accessible parameterless constructor, or be a reference type or a value type.

Contract – A common set of members that all classes that implement the interface must provide.

Exception – The base class which contains an error message and other application data. The .NET framework defines hundreds of exception classes to describe different events, all derived from System.SystemException.
http://www.developerfusion.com/article/1889/exception-handling-in-c/3/
Code Example (C#):

try
{
    // code that reads the file goes here
}
// The more specific exception type must be caught first
catch (System.IO.FileNotFoundException ex)
{
    Console.WriteLine("The file could not be found.");
}
catch (Exception ex)
{
    Console.WriteLine("Error reading file: " + ex.Message);
}

Filtering Exceptions – A process used to filter through multiple exception classes and allow different responses depending on the exception. This can be achieved by using try, catch and finally blocks.

Garbage Collection – A process where the runtime manages the memory used by the heap. Garbage collection recovers memory periodically as needed by disposing of the items that are no longer referenced.

Generic Type – A single programming element that adapts to perform the same functionality for a variety of data types.
Generic Type Parameters (C# Programming Guide)
http://msdn.microsoft.com/en-us/library/0zk36dx2(VS.80).aspx
Benefits of Generics (C# Programming Guide)
http://msdn.microsoft.com/en-us/library/b5bx6xee(VS.80).aspx

Heap – An area of memory where the actual data that an address refers to is stored.

Interface - A common set of members that all classes that implement the interface must provide.

Narrowing – Happens when a value is converted from one type to another when the destination type can’t accommodate all possible values from the source. For example narrowing would happen when a double is type cast to an int.

Nullable type – A type of variable that can be used to determine whether a value has not been assigned; it allows the variable to store a null value. If a bool type is Nullable then it can have a value of true, false, or null.
Code Example (C#):

Nullable<bool> b = null;

//Shorthand notation, only for C#
bool? c = null;

Signature – The return type, parameter count, and parameter types of a member.

Stack – Where instances of value types are stored in memory. Where the runtime can create, read, update and remove them quickly with minimal overhead.

Structure – User-defined types are also called structures or simply Structs. User-defined types are stored on the stack and they contain their data directly. In most other ways, structures behave nearly identically to classes.

Structure types should meet all of these criteria:
• Logically represents a single value
• Has an instance size less than 16 bytes
• Will not change after creation
• Will not be cast to a reference type

Code Example (C#):

struct Person
{ }

Unboxing – Converting back from a reference type to a value type after boxing has occurred.
Code Example (C#):

//Unboxing
int a;
object b = 123;  // a boxed int
a = (int)b;  // unboxing

Widening – The opposite of narrowing: a value is converted to a different type where the destination type can accommodate all possible values from the source type. Widening would occur when an int is type cast to a double.


Reflection - 70-536 Study Guide: Key Terms

Wednesday, October 15th, 2008

Module – A single container for types inside an assembly. An assembly can contain one or more modules.

Multifile Assemblies – A logical container for different parts of the data the CLR (Common Language Runtime) needs to execute code. One file in the assembly must contain the assembly manifest. An assembly that starts an application must also contain an entry point. (A main method)

Reasons to use multifile assemblies:

  • To combine modules written in different languages. This is the most common reason for creating a multifile assembly.
  • To optimize downloading an application by putting seldom-used types in a module that is downloaded only when needed.
  • To combine code modules written by several developers. Although each developer can compile each code module into an assembly, this can force some types to be exposed publicly that are not exposed if all modules are put into a multifile assembly.

Note: Multifile assemblies can have only one entry point, even if the assembly has multiple code modules.

http://msdn.microsoft.com/en-us/library/168k2ah5(VS.71).aspx

Satellite Assemblies – A .NET Framework assembly containing resources specific to a given language. Using Satellite assemblies, you can place the resources for different languages in different assemblies, and the correct assembly is loaded into memory only if the user elects to view the application in that language.


User and Data Security - 70-536 Study Guide: Key Terms

Wednesday, October 15th, 2008

Notes:

The System.Security.Cryptography namespace is used for encrypting and decrypting data.

The System.Security.AccessControl namespace is used for access to the DACLs, SACLs, and ACLs.

Access control list (ACL) – The operating system’s method for tracking who should have access to what, and determining which actions require adding an event to the event log.

Advanced Encryption Standard (AES) – Also known as Rijndael, RijndaelManaged - A government encryption standard. It is the only .NET framework symmetric encryption class that is fully managed. All other encryption classes call unmanaged code. Because of this it is the preferred choice when your application will be running in a partially trusted environment.

Key Length: 128 through 256 bits, in 32-bit increments

Asymmetric encryption – Also known as public-key encryption, overcomes symmetric encryption’s most significant disability: requiring both the encryptor and the decryptor to know a shared secret. Asymmetric encryption relies on key pairs. In a key pair, there is one public key and one private key. The public key can be freely shared because it cannot be easily abused, even by an attacker. Messages encrypted with the public key can be decrypted only with the private key, allowing anyone to send encrypted messages that can be decrypted only by a single individual.

Advantages:

Harder to break than symmetric algorithms

Disadvantages:

Not as fast as symmetric algorithms

Key management – led to the creation of the Public Key Infrastructure (PKI), or certificate services

http://en.wikipedia.org/wiki/Asymmetric_encryption

Authentication – Checking a user’s identity

using System;
using System.Security.Principal;

class IdentityExample
{
    static void Main()
    {
        // Identity of the Windows account running this process
        WindowsIdentity currentIdentity = WindowsIdentity.GetCurrent();

        Console.WriteLine("Name: " + currentIdentity.Name);
        Console.WriteLine("Token: " + currentIdentity.Token.ToString());
        Console.WriteLine("Authentication Type: " + currentIdentity.AuthenticationType);

        if (currentIdentity.IsAnonymous)
            Console.WriteLine("This user is an anonymous user");
        if (currentIdentity.IsAuthenticated)
            Console.WriteLine("This user is an authenticated user");
        if (currentIdentity.IsGuest)
            Console.WriteLine("This user is a Guest");
        if (currentIdentity.IsSystem)
            Console.WriteLine("This user is part of the System");
    }
}

Authorization – The process of verifying that a user is allowed to access a requested resource. Authorization generally happens only after authentication.

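// Wrap the current Windows identity in a principal to check group membership
WindowsPrincipal currentPrincipal = new WindowsPrincipal(WindowsIdentity.GetCurrent());
if (currentPrincipal.IsInRole(@"Division\Accounting"))
    Console.WriteLine("User is in Accounting");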

Cipher text – Encrypted data

Data Encryption Standard (DES) – A symmetric encryption algorithm that uses relatively short key lengths that are vulnerable to cracking attacks. As a result, it should be avoided. However it remains commonly used because it is compatible with a wide range of legacy platforms.

Key Length: 56 Bits

Declarative RBS demands – Instructs the runtime to perform an RBS check before running a method. This is the most secure way to use RBS to restrict access to code because security is enforced by the runtime before it runs your code.

There are two primary disadvantages to declarative RBS demands:

  • They can be used only to restrict access to entire methods
  • They might result in the runtime throwing an exception. If the method was called by a Windows event, Windows catches the exception, and your application might stop running.

To use declarative RBS demands, you must have three elements in your code:

  • The System.AppDomain.CurrentDomain.SetPrincipalPolicy method to specify the principal security policy
  • A Try/Catch block to catch underprivileged access attempts and to report the error appropriately
  • A PrincipalPermission attribute to declare the method’s access requirements

Digital Signature – A value that can be appended to electronic data to prove that it was created by a user who possesses a specific private key.

Note: Digital signatures do not protect the secrecy of the data being signed. To protect the secrecy of the file, you must encrypt it.

Discretionary Access Control List (DACL) – An authorization restriction mechanism that identifies the users and groups that are allowed or denied access to an object. Through the use of Access Control Entries (ACEs) the DACL determines user access to the object.

Note: The difference between SACLs and DACLs:

DACLs restrict access, whereas SACLs audit access.

Encryption key – A value, used in the encryption and decryption process, which controls how the data is ciphered.

Hash – A checksum that is unique to a specific file or piece of data. You can use a hash value to verify that a file has not been modified after the hash was generated.

Imperative RBS demands – Are declared within your code and can be used to restrict access to portions of code on a more granular basis than declarative RBS demands. In other words, imperative RBS demands allow you to restrict portions of a method whereas declarative RBS demands require you to restrict entire methods. To use imperative RBS demands, you must have four elements in your code:

  • The System.AppDomain.CurrentDomain.SetPrincipalPolicy method to specify the principal security policy
  • A Try/Catch block to catch underprivileged access attempts and report the error appropriately
  • A PrincipalPermission object, with properties set according to the restrictions you want to impose.
  • A call to the PrincipalPermission.Demand method to declare the method’s access requirements
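
The elements listed for declarative and imperative RBS demands, combined in one program. This is an added example, not code from the original study guide; it assumes the .NET Framework on Windows, and the role name BUILTIN\Administrators is an assumption chosen for illustration.

```csharp
using System;
using System.Security;
using System.Security.Permissions;
using System.Security.Principal;

class RbsDemandExample
{
    // Assumed role for illustration; substitute a group that exists on your system.
    const string RequiredRole = @"BUILTIN\Administrators";

    static void Main()
    {
        // Both styles: make the thread principal reflect the Windows user,
        // otherwise demands are evaluated against an unauthenticated principal.
        AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);

        // Both styles: a failed demand surfaces as a SecurityException.
        try
        {
            DeclarativelyProtected();
        }
        catch (SecurityException ex)
        {
            Console.WriteLine("Declarative demand failed: " + ex.Message);
        }

        try
        {
            PartiallyProtected();
        }
        catch (SecurityException ex)
        {
            Console.WriteLine("Imperative demand failed: " + ex.Message);
        }
    }

    // Declarative: the runtime checks the role before any line of the method runs.
    [PrincipalPermission(SecurityAction.Demand, Role = RequiredRole)]
    static void DeclarativelyProtected()
    {
        Console.WriteLine("Inside the fully protected method.");
    }

    // Imperative: only the code after Demand() is restricted.
    static void PartiallyProtected()
    {
        Console.WriteLine("Unrestricted part runs for every caller.");

        // A null name means any user; only the role membership is checked.
        PrincipalPermission permission = new PrincipalPermission(null, RequiredRole);
        permission.Demand();

        Console.WriteLine("Restricted part runs only for members of the role.");
    }
}
```

Run from a non-elevated process with UAC enabled, the current principal is typically not treated as a member of BUILTIN\Administrators, so both demands throw; the imperative method still prints its unrestricted line first, which is the granularity difference the two definitions describe.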

Inherited Permission – Propagates to an object from its parent object.

Initialization Vector (IV) – Data that symmetric encryption algorithms use to further obscure the first block of data being encrypted, which makes unauthorized decrypting more difficult.

Keyed Hash algorithms – Algorithms that protect against modification of the hash by encrypting it with a secret key that both the sender and receiver must have.

MD5 – (Message Digest algorithm) The hash size for the MD5 algorithm is 128 bits.

Implementation Class: MD5CryptoServiceProvider

Principal – A representation of the identity of the active user and any roles to which the user belongs.

RC2 – An encryption standard designed to replace DES that uses variable key sizes.

Key Length: Variable

Rijndael, RijndaelManaged - A government encryption standard, this algorithm is also known as Advanced Encryption Standard, or AES. It is the only .NET framework symmetric encryption class that is fully managed. All other encryption classes call unmanaged code. Because of this it is the preferred choice when your application will be running in a partially trusted environment.

Key Length: 128 through 256 bits, in 32-bit increments

Role-based Security (RBS) – Allows you to control what users can access based on their user name and group memberships.

Security Access Control List (SACL) – A usage event logging mechanism that determines how file or folder access is audited. Unlike the DACL, an SACL cannot restrict access to a file or folder. However, an SACL can cause an event to be recorded in the security event log when a user accesses a file or folder.

Note: The difference between SACLs and DACLs:

DACLs restrict access, whereas SACLs audit access.

SHA1 – The Secure Hash Algorithm 1. The hash size for the SHA1 algorithm is 160 bits.

Other versions: SHA256, SHA384, SHA512

Implementation Class: SHA1CryptoServiceProvider

Shared Secret – The shared key that is required for two peers to encrypt and decrypt messages.

Symmetric encryption – Also known as secret-key encryption, it is a cryptography technique that uses a single secret key to both encrypt and decrypt data. Symmetric algorithms are extremely fast and are well suited for encrypting large quantities of data.

Advantages:

Fast

Well suited for encrypting large files

Disadvantages:

Cracking is only a matter of time (the longer the key, the harder it would be to crack the key)

Requires a shared key

Types of Symmetric Cryptography Classes:

RijndaelManaged, RC2, DES, TripleDES

http://en.wikipedia.org/wiki/Symmetric-key_algorithm

Triple DES – Essentially applies the DES algorithm three times.

Key Length: 156 Bits, of which only 112 bits are effectively used for encryption
