Specifies the level of security protection that a service requires or provides.
| Name | Value | Description |
|---|---|---|
| None | 0 | No protection is required or provided. |
| Sign | 1 | The message must be signed to ensure its integrity. |
| EncryptAndSign | 2 | The message must be encrypted to ensure its confidentiality and signed to ensure its integrity. |
The ProtectionLevel enumeration is used by Windows Communication Foundation (WCF) to specify the security requirements for a service contract.
When you define a service contract, you can specify a ProtectionLevel for the entire contract or for individual operations, messages, or parameters. This setting informs the WCF infrastructure about the security mechanisms that should be employed for communication.
None indicates that no security protection is applied to the message. This is generally used when security is handled by other mechanisms or when the communication channel itself is already secured (e.g., using TLS/SSL).
Sign requires that messages be digitally signed. Signing ensures the integrity of the message, meaning that it cannot be modified in transit without detection. It also provides authentication, confirming the sender's identity.
EncryptAndSign is the strongest level of protection. It requires messages to be both encrypted and signed. Encryption ensures confidentiality, protecting the message content from unauthorized viewing, while signing ensures integrity and authentication.
The actual implementation of these protection levels depends on the WCF binding and its security settings. For example, using a NetTcpBinding with SecurityMode.Message and a certificate will typically implement signing and encryption.
public enum ProtectionLevel