Flylib.com
Designing Secure Web-Based Applications for Microsoft Windows 2000 with CDROM
ISBN: N/A
EAN: N/A
Year: 1999
Pages: 138
Cover
LOC Page
Dedication
Foreword
Preface
Who Should Read This Book?
Organization of This Book
About the Companion CD
System Requirements
Acknowledgments
Part I: Introduction and Design
Chapter 1 -- Security 101
Security Defined
Why Is Security Difficult?
The Golden Rules (and Some Others)
Threats, Safeguards, Vulnerabilities, and Attacks
Summary
Chapter 2 -- A Process for Building Secure Web Applications
A Security Design Process
Application Design
An Example
Part II: Technologies and Trade-Offs
Chapter 3 -- Windows 2000 Security Overview
The Impact of Active Directory
Authenticated Logon
Authentication
Privileges
User Accounts and Groups
Domains and Workgroups
DOMAIN\Account Names and User Principal Names
Managing Accounts
Security Identifiers (SIDs)
Tokens
Access Control Lists
Impersonation
Delegation
Miscellaneous Windows 2000 Security Features
Summary
Chapter 4 -- Internet Explorer Security Overview
Privacy
Code Safety and Malicious Content
Security Zones
SSL/TLS and Certificates
Cookie Security
Chapter 5 -- Internet Information Services Security Overview
Internet Authentication
Configuring SSL/TLS
IIS Authorization -- the Marriage of Windows 2000 Security and the Web
IIS Process Identities
Summary
Chapter 6 -- SQL Server Security Overview
Security Modes
Logins, Users, and Permissions
Network Security Options
SQL Server Logins
SQL Server Database Users
SQL Server Database Roles
SQL Server Permissions
Summary
Chapter 7 -- COM Security Overview
Architecture
COM Authentication
COM Authorization
Debugging Tips
Using DCOM over the Internet
Chapter 8 -- Practical Authentication and Authorization
Where to Perform Authentication and Authorization
Application vs. Operating System Identity Flow
Relative IIS Authentication Performance
Example Authentication and Authorization Scenarios
A Warning About Custom Authentication and Passwords
Summary
Chapter 9 -- Practical Privacy, Integrity, Auditing, and Nonrepudiation
Privacy and Integrity Overview
Where Privacy and Integrity Issues Occur
Mitigating Privacy and Integrity Threats
Auditing
An Introduction to Nonrepudiation
Summary
Part III: In Practice
Chapter 10 -- Building a Secure Solution
Putting Together a Secure Solution
Speed vs. Security Trade-Offs
Configuration Checklists
Chapter 11 -- Troubleshooting Secure Solutions
Tools and Logs Available to You
The Art of Reading a Windows 2000 Logon Event
The Art of Reading an IIS Log Entry
Problems and Solutions
Chapter 12 -- Securing Against Attack
Why People Attack Web Servers
How People Attack Web Servers
Some Common Attacks
How to Detect Whether You're Under Attack
User Input Attacks
What to Do If You're Under Attack
Staying Up-to-Date on Security Issues
A Final Thought
Summary
Part IV: Reference
Chapter 13 -- Security Administration with ADSI, WMI, and COM
What Is WMI?
What Is ADSI?
Example Management and Security Configuration Code
Chapter 14 -- An Introduction to Kerberos Authentication in Windows 2000
What Is Kerberos Authentication?
How Kerberos Authentication Works
Helpful Tools
Kerberos Ticket Flow
Summary
Chapter 15 -- An Introduction to Cryptography and Certificates in Windows 2000
The Fundamentals of Cryptography
The Basics of Certificates
Cryptography and Certificates in Windows 2000
Summary
Bibliography
Appendix A -- Windows 2000 Well-Known SIDs
Appendix B -- Strong Passwords
How to Remember Strong Passwords
Appendix C -- Windows 2000 Default Ports
Appendix D -- Internet Information Services Authentication Summary
Anonymous Access (with the Allow IIS To Control Password option enabled)
Anonymous Access (with the Allow IIS To Control Password option disabled)
Basic Authentication
Digest Authentication
Integrated Windows Authentication
Client Certificate Mapping (IIS Mapping)
Client Certificate Mapping (Windows 2000 Active Directory Mapping)
Appendix E -- Security-Related IIS Server Variables
Appendix F -- Secure Web Server Checklist
General Security Considerations
Windows 2000 Security Considerations
IIS 5 Security Considerations
SQL Server Security Considerations
About the Authors
About This Electronic Book
About Microsoft Press