Microsoft Intermediate Language (MSIL)

When a .NET application is compiled it is converted from the language it was written in (VB.NET, C#, J# etc) to a Managed Module.

Managed Module is a low level set of instructions understood by Common Language Runtime.

This Managed Module contain MSIL which is direct compiled form of your code and metadata.









Metadata

Every managed module contains metadata that describe the two things:

1. The types (classes) and members defined in your source code.

2. The types (classes) and members referenced by your source code.

Metadata is always associated with the file that contain the IL code.

.NET Framework Languages

The .NET Framework is language neutral – an application written in VB.NET can access a file written in C# which also can access the file written in J# and so on.
Following Languages are currently available:

Common Type Specification (CTS)

.NET Framework also defines CTS which defines what types are allowed to run inside the framework.

Due to this there is no need to Integer in VB.NET and int in C# are System.Int32 according to CTS.

for more..... visit

http://www.csharphelp.com/archives3/archive525.html#CTSINTRO

.NET SECURITY

.NET Security Overview

Common Language Runtime (CLR) and .NET Framework provide many useful classes and services to write secure code.
These classes and services also enable system administrators to customize the access to protected resource.

.NET Framework Security

.NET Framework Provide two types of security mechanisms.
1. Code Access Security (CAS)
2. Role Based Security (RBS)

Code Access Security

CAS is a security system that allows developers and administrators to control application authorization in the same way as they authorize users.
We can restrict the access of many important resources of the system such as followings:

File System
System Registry
Printers
Event Logs
Internet Access

CAS system check partially trusted assemblies each time they try to access protected resource.
Some assemblies are exempt from CAS checks and they are called fully trusted assemblies. These assemblies can access any system resource that the user has permission to access.
Unmanaged applications are also exempt from CAS checks and developers need to manage them with operating system or Role based security.

Authentication

Authentication is the process of discovering and verifying the identity of a user by

examining the user’s credentials and validating those credentials against some authority.

The Credentials normally used are User ID and Password.

Authorization

Authorization is the process of determining whether a user is allowed to perform a requested action.

Authorization occurs after authentication.

Authorization uses information about user identity and roles to determine what resources the user can access.

,NET Security - Code Access Security

.NET Security Concepts

1. Evidence (CAS)
2. Permission (CAS)
3. Permission Set (CAS)
4. Code Group (CAS)
5. Security Policy (CAS)

6. Identity (RBS)
7. Principal (RBS)


Evidence

Evidence is the information that the runtime collect about an assembly to determine which code group the assembly belongs.

Evidence is used by the .NET Framework Code Access Security System at Assembly Load Time to assign Permissions to the assembly.

Evident normally describe the assembly’s origin such as application directory, website or URL and assembly’s identity such as hash, strong name or publisher.

In CAS evidence is used just as a person’s passport, password or PIN to prove the identity and associate certain level of trust.

Common Evidence Types in .NET

Application Directory

The directory in which assembly resides.

Site

The site from where the assembly is downloaded such as www.microsoft.com

URL

The URL from where the assembly is downlaoded such as

www.microsoft.com/projects/myassembly.exe

Zone

The zone in which the assembly is running such as My Computer, Local Intranet or Internet.

Publisher

The assembly’s publisher digital signature, which uniquely identify the developer of the assembly.

Strong Name

The strong name that uniquely identify the assembly name and version.

What is Common Language Specification (CLS)

The CLS defines the minimum standards that .NET languages must confirm.

Compliant Producer
The components in the language can be used by other language.

Consumer
The language can reuse classes produced in any other language.
This basically means the ability to instantiate classes.


Extender
Languages in this category can do more than just instantiate classes – they can also extends those classes using the inheritance feature of .Net

What is Base Class Library (BCL)

The .NET Base Class Library provides a collection of useful and reusable classes that are designed to integrate with CLR.

The classes provided by .NET Framework are object-oriented and fully extendable.
All of these classes are logically grouped in to “Namespaces”.

What is Common Language Runtime (CLR)

CLR is the heart of .NET Framework. CLR manages execution of .NET code and provides services that make the development process easier.

The basic function of CLR is to take the code generated by the VB.NET compiler or any other compiler and converts it to the native language of the current platform architecture.

What are .NET Framework Components

Following are the major components of .NET Framework:

• Common Language Runtime (CLR)
• Base Class Library (BCL)
• Common Language Specification (CLS)
• .NET Framework Languages

.NET Enterprise Servers

.NET Enterprise Servers

The .NET Enterprise Servers provide reliability, management, and integration within and across organizations and many more features.

v Microsoft SQL Server™ 2000
v Microsoft BizTalk™ Server 2000
v Microsoft Host Integration Server 2000
v Microsoft Exchange 2000 Enterprise Server
v Microsoft Application Center 2000
v Microsoft Commerce Server 2000

What is .NET Building Block Services

.NET Building Block Services

The .NET Building Block Services and distributed programmable services that are available both online and offline. A service can be invoked on a stand alone computer not connected to the internet or accessed by means of the Internet.
For example:

1. .NET Calendar
2. .NET Alerts
3. .NET Passport
4. .NET Documents
   

What is .NET Framework

.NET Framework

The .NET Framework is a new computing platform that simplifies application development in the highly distributed environment of the Internet.

The .NET Framework allows developers to build the following kinds of applications:

• XML Web Services
• Web Forms
• Win32 GUI Applications
• Win32 Console Applications etc.

What is .NET

.NET is Microsoft Platform for building XML Web Services.

The .NET Platform is a set of tools and technologies designed to transform the internet into a full-scale distributed computing platform. It supports the existing Internet infrastructures like HTTP, XML and SOAP.

.NET Platform Technologies

Visual Studio .NET provides a high level development environment for building applications on the .NET Platform.
It provides key technologies to simplify the creation and deployment of secure web applications and web services.
It also enables a new generation of Windows based applications with many new features available through the .NET.

.NET Building Block Services

The .NET Building Block Services and distributed programmable services that are available both online and offline.
A service can be invoked on a stand alone computer not connected to the internet or accessed by means of the Internet. For example:

• .NET Calendar
• .NET Alerts
• .NET Passport
• .NET Documents
  

.NET Enterprise Servers

The .NET Enterprise Servers provide reliability, management, and integration within and across organizations and many more features.

• Microsoft SQL Server™ 2000
• Microsoft BizTalk™ Server 2000
• Microsoft Host Integration Server 2000
• Microsoft Exchange 2000 Enterprise Server
• Microsoft Application Center 2000
• Microsoft Commerce Server 2000