Designing Secure Web-Based Applications for Microsoft Windows 2000 with CDROM
ISBN: N/A
EAN: N/A
Year: 1999
Pages: 138
Cover
LOC Page
Dedication
Foreword
Preface
Who Should Read This Book?
Organization of This Book
About the Companion CD
System Requirements
Acknowledgments
Part I: Introduction and Design
Chapter 1 -- Security 101
Security Defined
Why Is Security Difficult?
The Golden Rules (and Some Others)
Threats, Safeguards, Vulnerabilities, and Attacks
Summary
Chapter 2 -- A Process for Building Secure Web Applications
A Security Design Process
Application Design
An Example
Part II: Technologies and Trade-Offs
Chapter 3 -- Windows 2000 Security Overview
The Impact of Active Directory
Authenticated Logon
Authentication
Privileges
User Accounts and Groups
Domains and Workgroups
DOMAIN\Account Names and User Principal Names
Managing Accounts
Security Identifiers (SIDs)
Tokens
Access Control Lists
Impersonation
Delegation
Miscellaneous Windows 2000 Security Features
Summary
Chapter 4 -- Internet Explorer Security Overview
Privacy
Code Safety and Malicious Content
Security Zones
SSL/TLS and Certificates
Cookie Security
Chapter 5 -- Internet Information Services Security Overview
Internet Authentication
Configuring SSL/TLS
IIS Authorization -- the Marriage of Windows 2000 Security and the Web
IIS Process Identities
Summary
Chapter 6 -- SQL Server Security Overview
Security Modes
Logins, Users, and Permissions
Network Security Options
SQL Server Logins
SQL Server Database Users
SQL Server Database Roles
SQL Server Permissions
Summary
Chapter 7 -- COM Security Overview
Architecture
COM Authentication
COM Authorization
Debugging Tips
Using DCOM over the Internet
Chapter 8 -- Practical Authentication and Authorization
Where to Perform Authentication and Authorization
Application vs. Operating System Identity Flow
Relative IIS Authentication Performance
Example Authentication and Authorization Scenarios
A Warning About Custom Authentication and Passwords
Summary
Chapter 9 -- Practical Privacy, Integrity, Auditing, and Nonrepudiation
Privacy and Integrity Overview
Where Privacy and Integrity Issues Occur
Mitigating Privacy and Integrity Threats
Auditing
An Introduction to Nonrepudiation
Summary
Part III: In Practice
Chapter 10 -- Building a Secure Solution
Putting Together a Secure Solution
Speed vs. Security Trade-Offs
Configuration Checklists
Chapter 11 -- Troubleshooting Secure Solutions
Tools and Logs Available to You
The Art of Reading a Windows 2000 Logon Event
The Art of Reading an IIS Log Entry
Problems and Solutions
Chapter 12 -- Securing Against Attack
Why People Attack Web Servers
How People Attack Web Servers
Some Common Attacks
How to Detect Whether You're Under Attack
User Input Attacks
What to Do If You're Under Attack
Staying Up-to-Date on Security Issues
A Final Thought
Summary
Part IV: Reference
Chapter 13 -- Security Administration with ADSI, WMI, and COM
What Is WMI?
What Is ADSI?
Example Management and Security Configuration Code
Chapter 14 -- An Introduction to Kerberos Authentication in Windows 2000
What Is Kerberos Authentication?
How Kerberos Authentication Works
Helpful Tools
Kerberos Ticket Flow
Summary
Chapter 15 -- An Introduction to Cryptography and Certificates in Windows 2000
The Fundamentals of Cryptography
The Basics of Certificates
Cryptography and Certificates in Windows 2000
Summary
Bibliography
Appendix A -- Windows 2000 Well-Known SIDs
Appendix B -- Strong Passwords
How to Remember Strong Passwords
Appendix C -- Windows 2000 Default Ports
Appendix D -- Internet Information Services Authentication Summary
Anonymous Access (with the Allow IIS To Control Password option enabled)
Anonymous Access (with the Allow IIS To Control Password option disabled)
Basic Authentication
Digest Authentication
Integrated Windows Authentication
Client Certificate Mapping (IIS Mapping)
Client Certificate Mapping (Windows 2000 Active Directory Mapping)
Appendix E -- Security-Related IIS Server Variables
Appendix F -- Secure Web Server Checklist
General Security Considerations
Windows 2000 Security Considerations
IIS 5 Security Considerations
SQL Server Security Considerations
About the Authors
About This Electronic Book
About Microsoft Press