Table of content | .NET Security and Cryptography



	Table of Contents

.NET Security and Cryptography
By Peter Thorsteinson, G. Gnana Arun Ganesh

Publisher	: Prentice Hall PTR
Pub Date	: August 18, 2003
ISBN	: 0-131-00851-X
Pages	: 496

Integrated .NET Series from Object Innovations and Prentice Hall PTR

Preface

Organization

Sample Programs

Web Site

Acknowledgments

Peter Thorsteinson

G. Gnana Arun Ganesh

The Integrated .NET Series from Object Innovations and Prentice Hall PTR

Introduction

.NET Programming Books

.NET Applications and Technology

.NET Interoperability and Migration

Chapter One. .NET Cryptography and Security

The Nature of This Book

The Nature of Cryptography and Security

Windows Security Comes of Age

The .NET Framework and the CLR

.NET Cryptography Programming

.NET Security Programming

Summary

Chapter Two. Fundamentals of Cryptography

Security and Keeping Secrets

Steganography

Modern Ciphers

Cryptanalytic Attacks

Issues in Human Interaction and Trust

Summary

Chapter Three. Symmetric Cryptography

Symmetric Ciphers

Programming with .NET Symmetric Cryptography

Key Exchange Issues

Summary

Chapter Four. Asymmetric Cryptography

Problems with Symmetric Algorithms

The Idea Behind Asymmetric Cryptography

Existing Asymmetric Algorithms

RSA: The Most Used Asymmetric Algorithm

Caveat: Provability Issues

Programming with .NET Asymmetric Cryptography

Digital Certificates

Summary

Chapter Five. Digital Signatures

Hash Algorithms

How Digital Signatures Work

RSA Used as a Digital Signature Algorithm

The Digital Signature Algorithm

The Asymmetric AlgorithmHierarchy Class Hierarchy

Summary

Chapter Six. XML Cryptography

XML Encryption

XML Signatures

Combining XML Signing and XML Encryption

Summary

Chapter Seven. .NET User-Based Security

Authentication and Authorization

.NET Security Model

Administrating Windows Security

Administrating .NET Security

Permissions

User-Based Security

Two Approaches to User-Based Security

Credentials

Security Discipline

Summary

Chapter Eight. .NET Code Access Security

The Need for Code Access Security

Security, Managed Code, and the CLR

How CAS Is Used

Managing Security Policy with Code Groups

Imperative Versus Declarative CAS

Evidence-Based Security

Code Access Permissions

Declarative Code Access Permissions

Permission Requests

Permission Sets

Summary

Chapter Nine. ASP.NET Security

Fundamental Security Mechanisms

Implementing ASP.NET Authentication

ASP.NET Configuration

Forms Authentication

Forms Authentication Classes

Passport Authentication

Windows Authentication

Implementing ASP.NET Authorization

Implementing ASP.NET Impersonation

Summary

Chapter Ten. Web Services Security

Basic Techniques in Securing Web Services

Authenticate Web Service Using SOAPHEADER

Summary

Appendix A. A Security Attack Example: The Stack Overrun

Appendix B. How the RSA Cipher Works

Modular Arithmetic

The BigRSA Example Program

The CrackRSAWorkFactorDemo Example Program

Appendix C. Using the GNU GMP Library

Installing Cygwin

Testing Your Cygwin Installation

Installing GMP

Uninstalling Cygwin

Appendix D. Cryptography and Security Resources

Background Knowledge and Conceptual Books

Cryptographic Mathematics Books

Implementing Security Guide Books

Human Interest Books on Cryptography

Cryptography News Groups

Useful Cryptographic and Security Web Sites

Appendix E. Exploring Web Services

Motivation for Web Services

Web Services Definition

Backbones of Web Services

Next Generation of Distributed Computing: Web Services

Code Model for Web Services

Developing a Simple Concatenate Web Service

Protocols

Accessing a Web Service

Asynchronous Programming in Web Services

Creating an ASP.NET Calculator Web Service

Web Services Are Still Evolving

Summary