Encryption of Individual Data ElementsAn Overview

for RuBoard

Encryption of Individual Data Elements ”An Overview

Since Web security is based on standards and specifications set forth by groups such as the World Wide Web Consortium (W3C), the concepts and practices that apply to Web security also apply to .NET security. The classes HttpChannel and TcpChannel encapsulate the functionality necessary to perform secure transactions over the Internet. ChannelServices allow you to send messages back and forth between the client and server, even if they are the same machine. The CryptoStream class provides the encryption on top of or in conjunction with ChannelServices . CryptoStream is used to hold the information while it is encrypted or decrypted through the cryptographic service providers available in .NET. To maintain the role-based security and code access security features provided in the .NET Framework, IIS must be configured in a secure manner as well. This includes using integrated Windows authentication and/or SSL. What becomes important here is not only maintaining security in the sense of trusting the code to execute, but also protecting the messages that are sent when remoting. Remoting uses the SOAP protocol to send its messages between the client and server on the HttpChannel . Binary information is sent over the TcpChannel . Both of these objects rely on streams that are passed through the CryptoStream class for encryption/decryption. You can find more information regarding the CryptoStream class in Chapter 30, "Using Cryptography with the .NET Framework: The Basics."

for RuBoard


. NET Framework Security
.NET Framework Security
ISBN: 067232184X
EAN: 2147483647
Year: 2000
Pages: 235

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net