Book Image

Microsoft Dynamics AX 2012 R3 Security

By : Ahmed Mohamed Rafik Moustafa
Book Image

Microsoft Dynamics AX 2012 R3 Security

By: Ahmed Mohamed Rafik Moustafa

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Microsoft Dynamics AX 2012 R3 Security
Ahmed Mohamed Rafik Moustafa
Jun, 2015 | 106 pages
No titles found
Table of Contents (12 chapters)
Microsoft Dynamics AX 2012 R3 Security
Microsoft Dynamics AX 2012 R3 Security
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
MorphX Security System
MorphX Security System
Introducing the MorphX development tool
Developing a security artifact using AOT
Summary
2
Security Coding
Security Coding
The fundamentals of security coding using X++
Using Code Access Security
Security debugging
Security for the display and edit methods
The Table Permissions Framework
Summary
3
Developing Extensible Data Security
Developing Extensible Data Security
The main concepts of XDS policies
Designing and developing the XDS policy
Creating the policy
Adding constrained tables and views
Setting the XDS policy context
Debugging XDS policies
Summary
4
Extending the Organization Model
Extending the Organization Model
The organizational model framework
The organizational model scenarios
Extending the organizational model
Summary
5
Enterprise Portal Security
Enterprise Portal Security
The architecture of Enterprise Portal
Security in Enterprise Portal
Data access security
Report access security
Summary
Index
Index

Using Code Access Security

The CAS framework is a mechanism developed to protect systems from dangerous APIs that are invoked by untrusted code. It simply allows two pieces of code to communicate in a manner that can't be compromised.

To know what untrusted code is, we will first define what trusted code is. Trusted code is defined as code from the AOT running on the Application Object Server (AOS), meaning the code must be written by a trusted developer. This is because the developer privileges and permissions are the highest level of permission over the entire application. In other words, if you execute the code outside the AOS on a client, there is the possibility that it was altered on the client side before execution, thus rendering the code untrusted. The following figure demonstrates this mechanism:

Tip

For more information on CAS, visit Microsoft MSDN: http://msdn.microsoft.com/en-us/library/ff648663.aspx.

The main purpose of CAS is securing the tunnel between an API and its consumer...

Previous Section
End of Section 3
Next Section