Summary

This chapter has discussed the differences between validation and verification. You now know how each of these factors contributes toward the concept of earned trust. In addition, this chapter has demonstrated methods for working with both managed and unmanaged code in a single application. The techniques in this chapter will help you decide the level of trustworthiness each kind of code deserves given a particular set of circumstances.

Knowing about a potential security problem and actually dealing with it are two different things. The issues in this chapter are important because you need some verifiable and consistent method for handling security issues. Crackers rely on uneven security implementations and inadequate policies to gain access in situations where everything else is secure. Now is the time to put what you’ve learned in this chapter into practice by verifying and validating your applications.

Chapter 7 discusses an issue of particular importance given the number of distributed applications that developers are building. The data transmitted from one point of a company to another is the most important asset the company owns. Nothing is more important than the data. Consequently, using cryptographic methods to protect that data is equally important. Chapter 7 shows you how cryptography works in .NET and helps you build applications to demonstrate these techniques. You’ll find that the .NET Framework is wonderfully easy to use in this regard, which makes it even more important that you secure data using cryptography whenever possible.