Flylib.com
Designing Secure Web-Based Applications for Microsoft Windows 2000 with CDROM
Designing Secure Web-Based Applications for Microsoft Windows 2000 with CDROM
ISBN: N/A
EAN: N/A
Year: 1999
Pages: 138
BUY ON AMAZON
Cover
LOC Page
Dedication
Foreword
Preface
Who Should Read This Book?
Organization of This Book
About the Companion CD
System Requirements
Acknowledgments
Part I: Introduction and Design
Chapter 1 -- Security 101
Security Defined
Why Is Security Difficult?
The Golden Rules (and Some Others)
Threats, Safeguards, Vulnerabilities, and Attacks
Summary
Chapter 2 -- A Process for Building Secure Web Applications
A Security Design Process
Application Design
An Example
Part II: Technologies and Trade-Offs
Chapter 3 -- Windows 2000 Security Overview
The Impact of Active Directory
Authenticated Logon
Authentication
Privileges
User Accounts and Groups
Domains and Workgroups
DOMAINAccount Names and User Principal Names
Managing Accounts
Security Identifiers (SIDs)
Tokens
Access Control Lists
Impersonation
Delegation
Miscellaneous Windows 2000 Security Features
Summary
Chapter 4 -- Internet Explorer Security Overview
Privacy
Code Safety and Malicious Content
Security Zones
SSLTLS and Certificates
Cookie Security
Chapter 5 -- Internet Information Services Security Overview
Internet Authentication
Configuring SSLTLS
IIS Authorization -- the Marriage of Windows 2000 Security and the Web
IIS Process Identities
Summary
Chapter 6 -- SQL Server Security Overview
Security Modes
Logins, Users, and Permissions
Network Security Options
SQL Server Logins
SQL Server Database Users
SQL Server Database Roles
SQL Server Permissions
Summary
Chapter 7 -- COM Security Overview
Architecture
COM Authentication
COM Authorization
Debugging Tips
Using DCOM over the Internet
Chapter 8 -- Practical Authentication and Authorization
Where to Perform Authentication and Authorization
Application vs. Operating System Identity Flow
Relative IIS Authentication Performance
Example Authentication and Authorization Scenarios
A Warning About Custom Authentication and Passwords
Summary
Chapter 9 -- Practical Privacy, Integrity, Auditing, and Nonrepudiation
Privacy and Integrity Overview
Where Privacy and Integrity Issues Occur
Mitigating Privacy and Integrity Threats
Auditing
An Introduction to Nonrepudiation
Summary
Part III: In Practice
Chapter 10 -- Building a Secure Solution
Putting Together a Secure Solution
Speed vs. Security Trade-Offs
Configuration Checklists
Chapter 11 -- Troubleshooting Secure Solutions
Tools and Logs Available to You
The Art of Reading a Windows 2000 Logon Event
The Art of Reading an IIS Log Entry
Problems and Solutions
Chapter 12 -- Securing Against Attack
Why People Attack Web Servers
How People Attack Web Servers
Some Common Attacks
How to Detect Whether You re Under Attack
User Input Attacks
What to Do If You re Under Attack
Staying Up-to-Date on Security Issues
A Final Thought
Summary
Part IV: Reference
Chapter 13 -- Security Administration with ADSI, WMI, and COM
What Is WMI?
What Is ADSI?
Example Management and Security Configuration Code
Chapter 14 -- An Introduction to Kerberos Authentication in Windows 2000
What Is Kerberos Authentication?
How Kerberos Authentication Works
Helpful Tools
Kerberos Ticket Flow
Summary
Chapter 15 -- An Introduction to Cryptography and Certificates in Windows 2000
The Fundamentals of Cryptography
The Basics of Certificates
Cryptography and Certificates in Windows 2000
Summary
Bibliography
Appendix A -- Windows 2000 Well-Known SIDs
Appendix B -- Strong Passwords
How to Remember Strong Passwords
Appendix C -- Windows 2000 Default Ports
Appendix D -- Internet Information Services Authentication Summary
Anonymous Access (with the Allow IIS To Control Password option enabled)
Anonymous Access (with the Allow IIS To Control Password option disabled)
Basic Authentication
Digest Authentication
Integrated Windows Authentication
Client Certificate Mapping (IIS Mapping)
Client Certificate Mapping (Windows 2000 Active Directory Mapping)
Appendix E -- Security-Related IIS Server Variables
Appendix F -- Secure Web Server Checklist
General Security Considerations
Windows 2000 Security Considerations
IIS 5 Security Considerations
SQL Server Security Considerations
About the Authors
About This Electronic Book
About Microsoft Press
Designing Secure Web-Based Applications for Microsoft Windows 2000 with CDROM
ISBN: N/A
EAN: N/A
Year: 1999
Pages: 138
BUY ON AMAZON
ADO.NET 3.5 Cookbook (Cookbooks (OReilly))
Using Expression Columns to Display Aggregate Values
Synchronizing Master-Detail Web Forms DataGrids
Binding a Windows DataGrid to Master-Detail Data
Reading XML Data Directly from SQL Server
Caching Data
Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More
Building a Simple Hello, World Application from the Command Line
Building a Complex Application from the Command Line
Dates and Times
Exceptions and Safety
Computing the Distance Between Two Vectors
Building Web Applications with UML (2nd Edition)
XML
Gathering and Prioritizing Requirements
Summary
Use Case View
Master Template Pattern
MySQL Clustering
Before You Begin with MySQL Cluster
Retrieving the Latest Snapshot from BitKeeper
Troubleshooting Backups
Performance
Data Retrieval in MySQL Cluster
Professional Struts Applications: Building Web Sites with Struts ObjectRelational Bridge, Lucene, and Velocity (Experts Voice)
The Challenges of Web Application Development
Form Presentation and Validation with Struts
Managing Business Logic with Struts
Templates and Velocity
Building the JavaEdge Application with Ant and Anthill
What is Lean Six Sigma
The Four Keys to Lean Six Sigma
Key #1: Delight Your Customers with Speed and Quality
Key #2: Improve Your Processes
Key #4: Base Decisions on Data and Facts
Six Things Managers Must Do: How to Support Lean Six Sigma
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy
This website uses cookies. Click
here
to find out more.
Accept cookies