Flylib.com
Designing Secure Web-Based Applications for Microsoft Windows 2000 with CDROM
ISBN: N/A
EAN: N/A
Year: 1999
Pages: 138
Cover
LOC Page
Dedication
Foreword
Preface
Who Should Read This Book?
Organization of This Book
About the Companion CD
System Requirements
Acknowledgments
Part I: Introduction and Design
Chapter 1 -- Security 101
Security Defined
Why Is Security Difficult?
The Golden Rules (and Some Others)
Threats, Safeguards, Vulnerabilities, and Attacks
Summary
Chapter 2 -- A Process for Building Secure Web Applications
A Security Design Process
Application Design
An Example
Part II: Technologies and Trade-Offs
Chapter 3 -- Windows 2000 Security Overview
The Impact of Active Directory
Authenticated Logon
Authentication
Privileges
User Accounts and Groups
Domains and Workgroups
DOMAIN\Account Names and User Principal Names
Managing Accounts
Security Identifiers (SIDs)
Tokens
Access Control Lists
Impersonation
Delegation
Miscellaneous Windows 2000 Security Features
Summary
Chapter 4 -- Internet Explorer Security Overview
Privacy
Code Safety and Malicious Content
Security Zones
SSL/TLS and Certificates
Cookie Security
Chapter 5 -- Internet Information Services Security Overview
Internet Authentication
Configuring SSL/TLS
IIS Authorization -- the Marriage of Windows 2000 Security and the Web
IIS Process Identities
Summary
Chapter 6 -- SQL Server Security Overview
Security Modes
Logins, Users, and Permissions
Network Security Options
SQL Server Logins
SQL Server Database Users
SQL Server Database Roles
SQL Server Permissions
Summary
Chapter 7 -- COM Security Overview
Architecture
COM Authentication
COM Authorization
Debugging Tips
Using DCOM over the Internet
Chapter 8 -- Practical Authentication and Authorization
Where to Perform Authentication and Authorization
Application vs. Operating System Identity Flow
Relative IIS Authentication Performance
Example Authentication and Authorization Scenarios
A Warning About Custom Authentication and Passwords
Summary
Chapter 9 -- Practical Privacy, Integrity, Auditing, and Nonrepudiation
Privacy and Integrity Overview
Where Privacy and Integrity Issues Occur
Mitigating Privacy and Integrity Threats
Auditing
An Introduction to Nonrepudiation
Summary
Part III: In Practice
Chapter 10 -- Building a Secure Solution
Putting Together a Secure Solution
Speed vs. Security Trade-Offs
Configuration Checklists
Chapter 11 -- Troubleshooting Secure Solutions
Tools and Logs Available to You
The Art of Reading a Windows 2000 Logon Event
The Art of Reading an IIS Log Entry
Problems and Solutions
Chapter 12 -- Securing Against Attack
Why People Attack Web Servers
How People Attack Web Servers
Some Common Attacks
How to Detect Whether You're Under Attack
User Input Attacks
What to Do If You're Under Attack
Staying Up-to-Date on Security Issues
A Final Thought
Summary
Part IV: Reference
Chapter 13 -- Security Administration with ADSI, WMI, and COM
What Is WMI?
What Is ADSI?
Example Management and Security Configuration Code
Chapter 14 -- An Introduction to Kerberos Authentication in Windows 2000
What Is Kerberos Authentication?
How Kerberos Authentication Works
Helpful Tools
Kerberos Ticket Flow
Summary
Chapter 15 -- An Introduction to Cryptography and Certificates in Windows 2000
The Fundamentals of Cryptography
The Basics of Certificates
Cryptography and Certificates in Windows 2000
Summary
Bibliography
Appendix A -- Windows 2000 Well-Known SIDs
Appendix B -- Strong Passwords
How to Remember Strong Passwords
Appendix C -- Windows 2000 Default Ports
Appendix D -- Internet Information Services Authentication Summary
Anonymous Access (with the Allow IIS To Control Password option enabled)
Anonymous Access (with the Allow IIS To Control Password option disabled)
Basic Authentication
Digest Authentication
Integrated Windows Authentication
Client Certificate Mapping (IIS Mapping)
Client Certificate Mapping (Windows 2000 Active Directory Mapping)
Appendix E -- Security-Related IIS Server Variables
Appendix F -- Secure Web Server Checklist
General Security Considerations
Windows 2000 Security Considerations
IIS 5 Security Considerations
SQL Server Security Considerations
About the Authors
About This Electronic Book
About Microsoft Press