Flylib.com
Writing Secure Code for Windows Vista (Best Practices (Microsoft))
Writing Secure Code for Windows Vista (Best Practices (Microsoft))
ISBN: 0735623937
EAN: 2147483647
Year: 2004
Pages: 122
Authors:
Michael Howard
,
David LeBlanc
BUY ON AMAZON
Table of Contents
Back Cover
Writing Secure Code for Windows Vista
Foreword
Introduction
Target Audience
How does this Book Relate to Writing Secure Code?
How to Read This Book
Getting Started with the Code in this Book
Whats on the Companion Web Site?
System Requirements
Microsoft Press Support
Chapter 1: Code Quality
The Windows Vista Quality Gates
All CC String Buffers Annotated with SAL
Banned APIs are Removed from the Codebase
Banned Cryptography Removed from the Codebase
Static Analysis Used to Find and Fix Bugs
Unmanaged CC Compiled with GS and Linked with SafeSEH, DynamicBase, and NXCompat
Call to Action
References
Chapter 2: User Account Control, Tokens, and Integrity Levels
User Account Control in Depth
User Interface Considerations
Virtualization
Integrity Levels
Debugging Application Compatibility Issues in Windows Vista
The Importance of Code Signing
Privileges New to Windows Vista
Call to Action
References
Chapter 3: Buffer Overrun Defenses
ASLR
Stack Randomization
Heap Defenses
NX
GS
SafeSEH
Summary
Call to Action
References
Chapter 4: Networking Defenses
IPv6 Overview
Network List Manager
The Windows Vista RSS Platform
Winsock Secure Socket Extensions
Windows Firewall with Advanced Security
Call to Action
References
Chapter 5: Creating Secure and Resilient
Service Accounts
Reducing Privileges
Controlling Network Access
Communicating with the Desktop
Lessons from the School of Hard Knocks
Call to Action
References
Chapter 6: Internet Explorer 7 Defenses
Pervasive Defenses
cURL and the IUri Interface
Lock Your ActiveX Control
Other Things You Should Know About Internet Explorer 7
Call to Action
References
Chapter 7: Cryptographic Enhancements
Kernel Mode and User Mode Support
Crypto-Agility
New Algorithms in CNG
Using CNG
CNG and FIPS
Improved Auditing
Something Missing from CNG
SSLTLS Improvements
Root Certificates in Windows Vista
Deprecated Crypto Features in Windows Vista
Call to Action
References
Chapter 8: Authentication and Authorization
Graphical Identification and Authorization (GINA) Changes
Owner SID Changes
Call to Action
References
Chapter 9: Miscellaneous Defenses and Security-Related Technologies
Adding Parental Controls Support to Your Application
The 450 Error
Windows Defender APIs
New Credential User Interface API
Use the Security Event Log
Pointer Encoding
Kernel Mode Debugging Issues
Programming the Trusted Platform Module (TPM)
Windows SideBar and Gadget Security Considerations
References
Index
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
List of Figures
List of Tables
List of Sidebars
Writing Secure Code for Windows Vista (Best Practices (Microsoft))
ISBN: 0735623937
EAN: 2147483647
Year: 2004
Pages: 122
Authors:
Michael Howard
,
David LeBlanc
BUY ON AMAZON
Similar book on Amazon
Digital Character Animation 3 (No. 3)
Writing Secure Code, Second Edition
The Security Development Lifecycle
Windowsu00ae Internals: Including Windows Server 2008 and Windows Vista, Fifth Edition (Pro Developer)
Code Complete: A Practical Handbook of Software Construction, Second Edition
Database Modeling with MicrosoftВ® Visio for Enterprise Architects (The Morgan Kaufmann Series in Data Management Systems)
ERP and Data Warehousing in Organizations: Issues and Challenges
Challenging the Unpredictable: Changeable Order Management Systems
ERP System Acquisition: A Process Model and Results From an Austrian Survey
Enterprise Application Integration: New Solutions for a Solved Problem or a Challenging Research Field?
The Effects of an Enterprise Resource Planning System (ERP) Implementation on Job Characteristics – A Study using the Hackman and Oldham Job Characteristics Model
Distributed Data Warehouse for Geo-spatial Services
Beginning Cryptography with Java
Symmetric Key Cryptography
Object Description in Cryptography Using ASN.1
CMS and S/MIME
SSL and TLS
Appendix B Algorithms Provided by the Bouncy Castle Provider
Oracle Developer Forms Techniques
Using Form and Global Variables
The Power of Record Groups
Summary
Handling Errors
Intelligence with Regard to Form Wizards
Systematic Software Testing (Artech House Computer Library)
Analysis and Design
The Software Tester
The Test Manager
Appendix B Testing Survey
Appendix C IEEE Templates
Oracle SQL*Plus: The Definitive Guide (Definitive Guides)
Executing the Statement in the Buffer
Generating Reports with SQL*Plus
Prompting for Values
Environment Variables That Affect SQL*Plus
Appendix B. SQL*Plus Format Elements
FileMaker 8 Functions and Scripts Desk Reference
Get(NetworkProtocol)
Get(WindowDesktopWidth)
GetNextSerialValue()
RGB()
ValueCount()
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy
This website uses cookies. Click
here
to find out more.
Accept cookies