Deployment Checklist


This chapter has presented a number of measures you can take to secure your application for deployment, such as Authenticode signing, strong-name signing, and applying .NET security policy updates. The following checklist provides the list of measures you should take to secure your application and the order in which you should perform the steps:

  1. Create a release build of the application, not a debug build. This includes making sure that all preprocessor constant values, which your code checks using the #If…Then statement, are set appropriately for release. Use the AssemblyDelaySign attribute if you intend to strong-name the application later.

  2. Obfuscate the application if you choose to do so.

  3. Strong-name sign the application.

  4. Authenticode-sign the application with an X.509 certificate. This is not required if you Authenticode-sign the deployment package itself.

  5. Create the deployment package for the application. Be sure to include all strong-named binaries—.EXEs or .DLLs—in your deployment package. Anytime you rebuild a strong-named binary, you’ll need to repeat the steps to strong-name sign the binary and re-create the deployment package.

  6. Authenticode-sign the deployment package. This can be done at the same time the deployment package is built, as shown previously.

  7. If the application requires updates to the .NET security policy, create the deployment package containing the .NET security-policy updates.

  8. Virus-scan all files that make up the deployment package, including the deployment package itself.

  9. Test that the application installs and runs properly in all target environments.

  10. Test that all files are properly signed.
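
One way to automate step 10 on a build machine, as an added example that is not from the book: a PowerShell script that reports the Authenticode and strong-name state of every binary in a staged package and fails if anything is wrong. The staging path is hypothetical, and sn.exe (the .NET SDK strong-name tool) is assumed to be on PATH.

```powershell
# Added example: report signing state for every binary in a staged package.
# 'C:\Staging\MyApp' is a hypothetical path; sn.exe is assumed to be on PATH.
param([string]$PackageDir = 'C:\Staging\MyApp')

$haveSn = [bool](Get-Command sn.exe -ErrorAction SilentlyContinue)

$report = Get-ChildItem -Path $PackageDir -Recurse -File -Include *.exe, *.dll, *.msi, *.cab |
    ForEach-Object {
        $path = $_.FullName
        $sig  = Get-AuthenticodeSignature -FilePath $path

        # Only managed assemblies can carry a strong name.
        $strongName = 'n/a'
        if ($_.Extension -in '.exe', '.dll') {
            try {
                $token = [System.Reflection.AssemblyName]::GetAssemblyName($path).GetPublicKeyToken()
                if (-not $token -or $token.Length -eq 0) {
                    $strongName = 'missing'
                } elseif ($haveSn) {
                    # A delay-signed assembly (step 1) has a public key token but
                    # no valid signature, so the signature itself is verified.
                    & sn.exe -q -vf $path | Out-Null
                    $strongName = if ($LASTEXITCODE -eq 0) { 'valid' } else { 'invalid' }
                } else {
                    $strongName = 'token present, not verified'
                }
            } catch [System.BadImageFormatException] {
                $strongName = 'n/a (native)'   # not a managed assembly
            }
        }

        [pscustomobject]@{
            File         = $path
            IsPackage    = $_.Extension -in '.msi', '.cab'
            Authenticode = $sig.Status.ToString()
            StrongName   = $strongName
        }
    }

$report | Format-Table -AutoSize -Wrap

# Packages must be Authenticode-signed (step 6). Inner binaries may be unsigned
# (step 4), but a signature that is present must validate.
$bad = $report | Where-Object {
    ($_.IsPackage -and $_.Authenticode -ne 'Valid') -or
    ($_.Authenticode -notin 'Valid', 'NotSigned') -or
    ($_.StrongName -in 'missing', 'invalid')
}
if ($bad) { exit 1 }
```

Run it against the same staged files you virus-scan in step 8, so the binaries you verify are the ones you ship.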

Although deployment implies a one-time event, it should be treated as a process. Just as you’ll find bugs in code, you’ll also find bugs in the deployment process. You should design and implement your deployment process at the same time you design and implement your application. Each time you create a build of your application, go through the deployment steps and create a deployment package for that build. Set up your application in the same way you expect your customers to install the application, and test it. This enables you to test your application and the deployment simultaneously, avoiding any surprises when you produce the final release.




Security for Microsoft Visual Basic .NET
ISBN: 735619190
EAN: N/A
Year: 2003
Pages: 168
