Flylib.com
.NET Framework Security
.NET Framework Security
ISBN: 067232184X
EAN: 2147483647
Year: 2000
Pages: 235
Authors:
Brian A. LaMacchia
,
Sebastian Lange
,
Matthew Lyons
,
Rudi Martin
,
Kevin T. Price
BUY ON AMAZON
Table of Content
Starting Page
Copyright
About the Authors
Acknowledgments
Introduction
Demystifying .NET Framework Security
What Do You Need to Know Prior to Reading This Book?
What Software Will You Need to Complete the Examples Provided with This Book?
How This Book Is Organized
Where to Download the Associated Code for This Book
Conventions Used in This Book
Part I: Introduction to the .NET Developer Platform Security
Chapter 1. Common Security Problems on the Internet
Problems with Securing Mobile Code
Writing Secure Applications
Summary
Chapter 2. Introduction to the Microsoft .NET Developer Platform
Tight Language Interoperability
Metadata
JIT Compilation
Garbage Collection
Object-Oriented Programming
Code Access Security
Base Class Library
Native Code Interoperability
Summary
Chapter 3. .NET Developer Platform Security Solutions
Fundamental Security Benefits from the .NET Framework
Mobile Code Solutions with the .NET Framework
Networked Computing with the .NET Framework
Summary
Part II: Code Access Security Fundamentals
Chapter 4. User- and Code-IdentityBased Security: Two Complementary Security Paradigms
A Little Anatomy of Computer Security Systems
A Review of User-IdentityBased Security
Entering a New Paradigm: Code-IdentityBased Security
How User- and Code-IdentityBased Security Systems Complement Each Other
Summary
Chapter 5. Evidence: Knowing Where Code Comes From
Evidence Explained
Different Sources of Evidence
Evidence and the Base Class Library
Summary
Chapter 6. Permissions: The Workhorse of Code Access Security
Permissions Explained
How Permissions Are Used
Declarative and Imperative Security
Built-in Permissions
Permission Sets
Summary
Chapter 7. Walking the Stack
A Review of Stacks and Their Uses
The Security Stack Walk
Modifying a Stack Walk
The Interaction of App Domains with Stack Walks
Summary
Chapter 8. Membership Conditions, Code Groups, and Policy Levels: The Brick and Mortar of Security Policy
Membership Conditions
Code Groups
Policy Levels
Default Security Policy
Summary
Chapter 9. Understanding the Concepts of Strong Naming Assemblies
Assemblies and Identity
PublicPrivate Key Pairs
Signing and Verifying Assemblies
Delay Signing Assemblies
Comparison with Authenticode Signatures
Summary
Chapter 10. Hosting Managed Code
What Does Hosting Mean?
Containing Assemblies Through the Use of Appdomains
Controlling Trust Within the Hosted Environment
Dealing with Assembly-Sharing Issues
Using Appdomains to Secure Unmanaged Clients
Summary
Chapter 11. Verification and Validation: The Backbone of .NET Framework Security
Review of the Anatomy of an Assembly
PE File Format and Metadata Validation
IL Validation and Verification
Code Access Security s Dependence on Validation and Verification
Summary
Chapter 12. Security Through the Lifetime of a Managed Process: Fitting It All Together
Development-Time Security Considerations
Deployment-Time Security Issues
Execution-Time Security Issues
Summary
Part III: ASP.NET and Web Services Security Fundamentals
Chapter 13. Introduction to ASP.NET Security
New Security Features in ASP.NETAnd How to Use Them
Authentication for Web Services
Code Access Security and ASP.NET
Summary
Chapter 14. Authentication: Know Who Is Accessing Your Site
ASP.NET Authentication and IIS Authentication
Default IIS Settings
Using CLR Role-Based Security in Windows
Using ASP.NET Forms Authentication
Using Impersonation and Delegation in ASP.NET
Summary
Chapter 15. Authorization: Control Who Is Accessing Your Site
File and Directory Access Control Lists (ACLs)
Using URL Authorization to Allow or Limit Access
Using Programmatic Authorization to Determine Who Is Attempting to Access Your Site
Summary
Chapter 16. Data Transport Integrity: Keeping Data Uncorrupted
Implementing SSL Encryption and HTTPS
Encryption of Individual Data ElementsAn Overview
Remoting and Encryption via SinksAn Overview
Summary
Part IV: .NET Framework Security Administration
Chapter 17. Introduction: .NET Framework Security and Operating System Security
A Roadmap for Administering the Security Context of Managed Code
.NET Framework Security and Operating System Security Settings
Summary
Chapter 18. Administering Security Policy Using the .NET Framework Configuration Tool
Before Making Any Security Policy Change: Administration Strategies
Introduction to the .NET Framework Configuration Tool
Increasing Trust for an Assembly or Software Publisher Using the Trust Assembly Wizard
Changing Trust for a Zone Using the Adjust Security Wizard
Manipulating the Security Policy Tree DirectlyBasic Techniques
Testing Security Policy Using the Evaluate Assembly Wizard
Modeling Policy Changes Using Open and New
Deploying Security Policy
Resetting Security Policy
The .NET Framework Configuration Tool s Self Protection Mechanism
Administrative Tactics: Scenarios, Solutions, Hints, and Tricks
Summary
Chapter 19. Administering .NET Framework Security Policy Using Scripts and Security APIs
Using Batch Scripts for Security Policy Administration
Changing Security Policy by Programming Directly to the Security APIs
Summary
Chapter 20. Administering an IIS Machine Using ASP.NET
XML-Based Configuration Files
Hierarchy of .NET Configuration Files
Attributes and Settings
IIS Security SettingsA Refresher
Summary
Chapter 21. Administering Clients for .NET Framework Mobile Code
Default Security Policy and Mobile Code
Limitations on Calling Strong Named Components
Running Mobile Code in Internet Explorer
Summary
Chapter 22. Administering Isolated Storage and Cryptography Settings in the .NET Framework
Administering Isolated Storage
Administering Cryptography Settings
Summary
Part V: .NET Framework Security for Developers
Chapter 23. Creating Secure Code: What All .NET Framework Developers Need to Know
Security and the Developer
Structure of the .NET Framework Security System
Limitations of the .NET Framework Security System
Summary
Chapter 24. Architecting a Secure Assembly
Thinking Like a Security Expert: How to Improve the Security of Your Designs from Day One
If All Else Fails
Don t Throw It All Away
Summary
Chapter 25. Implementing a Secure Assembly
Using Existing Security Mechanisms
Implementing Your Own Permissions
Working with Strong Names
Summary
Chapter 26. Testing a Secured Assembly
Determining What Is Being Protected
Determining How Resource Protection Is Implemented
Testing Any Applied Custom Permissions
Testing the Methods and Properties That Should Be Protected
Summary
Chapter 27. Writing a Secure Web Site Using ASP.NET
Designing a Secure Web Site
Implementing a Secure Web Site
Summary
Chapter 28. Writing a Secure Web Application in the .NET Development Platform
ASP.NET with Remoting Versus Web Services
Authentication and Authorization Without IIS
Summary
Chapter 29. Writing a Semi-Trusted Application
Restrictions on Libraries That Can Be Called
Making Permission Requests
Protecting Data
Being Careful About What Code Gets Executed
Being Aware of Permissions at Runtime
Summary
Chapter 30. Using Cryptography with the .NET Framework: The Basics
Setting the Stage: Key Definitions and Scenarios in Cryptography
The Cryptographic Object Model of the .NET Framework
Operating on Streams: CryptoStreams and ICryptoTransforms
Using Symmetric Algorithms
Using Cryptographic Hash Functions
Using Keyed Hash Functions
Random Number Generation and Key Derivation
Using Asymmetric Algorithms
Summary
Chapter 31. Using Cryptography with the .NET Framework: Advanced Topics
Working with CryptoAPI 1.0
Working with CryptoAPI 2.0
Finalization Versus Explicit Destruction via IDisposable
Extending the .NET Framework s Cryptography Classes and the Cryptographic Configuration System
Summary
Chapter 32. Using Cryptography with the .NET Framework: Creating and Verifying XML Digital Signatures
XMLDSIG Design Principles and Modes of Use
The Structure of an XMLDSIG Signature
Creating XMLDSIG-Compliant Signatures Using the .NET Framework
Verifying an XMLDSIG Signature
Extending System.Security.Cryptography.Xml for Custom Processing
Summary
Index
A_Index
B_Index
C_Index
D_Index
E_Index
F_Index
G_Index
H_Index
I_Index
J_Index
K_Index
L_Index
M_Index
N_Index
O_Index
P_Index
Q_Index
R_Index
S_Index
T_Index
U_Index
V_Index
W_Index
X_Index
.NET Framework Security
ISBN: 067232184X
EAN: 2147483647
Year: 2000
Pages: 235
Authors:
Brian A. LaMacchia
,
Sebastian Lange
,
Matthew Lyons
,
Rudi Martin
,
Kevin T. Price
BUY ON AMAZON
Database Modeling with MicrosoftВ® Visio for Enterprise Architects (The Morgan Kaufmann Series in Data Management Systems)
Introduction
Object Types, Predicates, and Basic Constraints
Configuring, Manipulating, and Reusing ORM Models
Reverse Engineering and Importing to ORM
Generating a Physical Database Schema
Absolute Beginner[ap]s Guide to Project Management
Essential Project Manager Toolkit
Next Step in the Schedule Development Process
Powerful Techniques for Project Control
The Importance of Project Communications
Stuff You Need to Know About Contracts
Identifying and Managing Project Risk: Essential Tools for Failure-Proofing Your Project
Identifying Project Schedule Risk
Identifying Project Resource Risk
Quantifying and Analyzing Activity Risks
Managing Activity Risks
Managing Project Risk
Lotus Notes and Domino 6 Development (2nd Edition)
Archiving Versions with Templates
Using the Formula Language
JavaScript Is Not Java
JavaScript and the Domino IDE
Introduction to Java
Managing Enterprise Systems with the Windows Script Host
Networking Resources
Regular Expressions
Application Automation
Internet Applications
Data Access
Cisco CallManager Fundamentals (2nd Edition)
Dialing Transformations
Overview of Station Devices Supported by CallManager
Cisco VT Advantage
Hints on Processing CDR Data
Client Solutions
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy
This website uses cookies. Click
here
to find out more.
Accept cookies