Chapter 9: Overview of Security Concepts

Microsoft Exam Objectives Covered In This Chapter:

  • Implement security for a Windows service, a serviced component, a .NET Remoting object, and an XML Web service.

  • Configure security for a Windows service, a serviced component, a .NET Remoting object, and an XML Web service.

  • Configure authentication type. Authentication types include Windows authentication, Microsoft .NET Passport, custom authentication, and none.

  • Configure and control authorization. Authorization methods include file-based authorization and URL-based authorization.

  • Configure and implement identity management.

Recently, the software industry has experienced a push for improved application security. Although in prior years features were emphasized over security, the tide has begun to turn. For instance, in Windows Server 2003, many services turned on by default in prior Windows server operating systems are now disabled by default. This new emphasis on security occurred for a variety of reasons, including the IT Industry's’ frustration with the sheer number of critical patches required for software installed on corporate servers and desktops. In addition software vendors’ pushed the security issue so that they could minimize legal repercussions in the event that their software were involved in a breach of security at a customer site.

Given this new emphasis on secure coding, it should be no surprise that Microsoft has asked developers to concentrate more on security than they have in the past. Proper use of .NET security features can substantially reduce the vulnerability of these applications and the systems that host them, to unauthorized and even malicious use.

In this chapter, you will look first at basic security concepts and security features of the .NET Framework. From there, you will delve into the code security models provided by the .NET Framework, which include brand new models such as .NET Framework role-based security and code-access security, as well as a model borrowed from earlier technologies such as COM+. Additionally, you will examine various ways to implement encryption by using the .NET Framework, a concept vital to ensuring secure transmission of data across insecure networks.

Note 

Chapter 10, “Deploying, Securing, and Configuring Windows-Based Applications,” and Chapter 11, “Deploying, Securing, and Configuring XML Web Services,” delve further into the selection and implementation of appropriate security for production components and services.



MCAD/MCSD(c) Visual Basic. NET XML Web Services and Server Components Study Guide
MCAD/MCSD: Visual Basic .NET XML Web Services and Server Components Study Guide
ISBN: 0782141935
EAN: 2147483647
Year: 2005
Pages: 153

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net