|
ranges, data, 53–55, 55, 442
RangeValidator, 268
Rash, Wayne, 374
RDS (Remote Data Services) security hole, 266, 266
ref keywords in Win32 API, 395
reflection, to obtain evidence, 103–106, 106
registry
versus Active Directory, 343–345
registering DCOM components in, 217
securing
locking, 97
overview of, 93
problems with, 97
using RegistryPermission class, 94–97
in Win32 API, 97, 429–431
RegularExpressionValidator, 268, 268, 275–276, 276
remote debugging, enabling, 238–241, 239–240
Remote Procedure Call (RPC), 212–213, 450
remoting, See also Web data security
error reporting in, 64
remote unmanaged components in Win32 API, 432–437
System.Runtime.Remoting.Contexts namespace
defined, 28
security benefits, 29
SynchronizationAttribute class, 29–31, 30
Web site on, 28
RequiredFieldValidator, 268
resources. See Web sites
Ridgeway, Mark, 265
Rijmen, Vincent, 440
Rijndael symmetric algorithm, 185, 186
risks. See security risks
Rivest, Ronal, 36, 279, 449
role-based security, See also code access security; policies
adding to COM+, 225–229, 225–228
versus code access security
overview of, 71–72
when to use, 73–74
where to use, 74
why to use, 72–73
using in database security, 271–273
defined, 6, 450–451
IsInRole() method example, 7–9, 9
overview of, 62, 70, 106
using principal/identity objects, 81–83, 82
roles versus groups, 7
versus Win32 API security, 9, 70–71, 82–83
versus Win32 API user identity security, 9, 70–71, 82–83
RPC (Remote Procedure Call), 212–213, 450
RSA (Rivest, Shamir, and Adleman) encryption, 36, 184–185, 186, 279
rules, 12
|