Security for Microsoft Visual Basic .NET
ISBN: 735619190
EAN: N/A
Year: 2003
Pages: 168
Table of Contents
Back Cover
Security for Microsoft Visual Basic .NET
Introduction
How to Use the Code Samples
A Final Word
Corrections, Comments, and Help
Acknowledgments
Part I: Development Techniques
Chapter 1: Encryption
Practice Files
Hash Digests
Private Key Encryption
Public Key Encryption
Hiding Unnecessary Information
Encryption in the Real World
Summary
Chapter 2: Role-Based Authorization
Role-Based Authorization Exercise
Windows Integrated Security
ASP.NET Authentication and Authorization
Role-Based Authorization in the Real World
Summary
Chapter 3: Code-Access Security
How Actions Are Considered Safe or Unsafe
What Prevents Harmful Code from Executing?
It's On By Default
Security Features and the Visual Basic .NET Developer
Code-Access Security vs. Application Role-Based Security
Run Your Code in Different Security Zones
Code-Access Security in the Real World
Summary
Chapter 4: ASP.NET Authentication
Employee Management Web Practice Files
Forms Authentication
Windows Integrated Security Authentication
Passport Authentication
ASP.NET Authentication in the Real World
Summary
Chapter 5: Securing Web Applications
Secure Sockets Layer
Securing Web Services
Implementing an Audit Trail
Securing Web Applications in the Real World
Summary
Part II: Ensuring Hack-Resistant Code
Chapter 6: Application Attacks and How to Avoid Them
Denial of Service Attacks
File-Based or Directory-Based Attacks
SQL-Injection Attacks
Cross-Site Scripting Attacks
Child-Application Attacks
Guarding Against Attacks in the Real World
Summary
Chapter 7: Validating Input
Working with Input Types and Validation Tools
Summary
Chapter 8: Handling Exceptions
Where Exceptions Occur
Exception Handling
Global Exception Handlers
Exception Handling in the Real World
Summary
Chapter 9: Testing for Attack-Resistant Code
Plan of Attack - The Test Plan
Attack - Execute the Plan
Common Testing Mistakes
Testing in the Real World
Summary
Part III: Deployment and Configuration
Chapter 10: Securing Your Application for Deployment
Deployment Techniques
Code-Access Security and Deployment
Certificates and Signing
Deploying .NET Security Policy Updates
Protecting Your Code - Obfuscation
Deployment Checklist
Deployment in the Real World
Summary
Chapter 11: Locking Down Windows, Internet Information Services, and .NET
I'm Already Protected. I'm Using a Firewall.
Fundamental Lockdown Principles
Automated Tools
Locking Down Windows Clients
Locking Down Windows Servers
Locking Down IIS
Locking Down .NET
Summary
Chapter 12: Securing Databases
Core Database Security Concepts
SQL Server Authentication
SQL Server Authorization
Microsoft Access Authentication and Authorization
Locking Down Microsoft Access
Locking Down SQL Server
Summary
Part IV: Enterprise-Level Security
Chapter 13: Ten Steps to Designing a Secure Enterprise System
Design Challenges
Step 1: Believe You Will Be Attacked
Step 2: Design and Implement Security at the Beginning
Step 3: Educate the Team
Step 4: Design a Secure Architecture
Step 5: Threat-Model the Vulnerabilities
Step 6: Use Windows Security Features
Step 7: Design for Simplicity and Usability
Step 8: No Back Doors
Step 9: Secure the Network with a Firewall
Step 10: Design for Maintenance
Summary
Chapter 14: Threats - Analyze, Prevent, Detect, and Respond
Analyze for Threats and Vulnerabilities
Prevent Attacks by Mitigating Threats
Detection
Respond to an Attack
Security Threats in the Real World
Summary
Chapter 15: Threat Analysis Exercise
Analyze for Threats
Respond to Threats
Summary
Chapter 16: Future Trends
The Arms Race of Hacking
What Happens Next?
Responding to Security Threats
Summary
Appendix A: Guide to the Code Samples
Employee Management System
Employee Management Web
Encryption Demo
TogglePassport Environment utility
Employee Database Structure
Migrating the Employee Database to SQL Server 2000
Appendix B: Contents of SecurityLibrary.vb
Private Key Encryption
DPAPI Encryption
Public Key Encryption
Logging Exceptions
Role-Based Security
Validating Input
Index
Index_A
Index_B
Index_C
Index_D
Index_E
Index_F
Index_G
Index_H
Index_I
Index_J-K
Index_L
Index_M
Index_N
Index_O
Index_P
Index_Q-R
Index_S
Index_T
Index_U
Index_V
Index_W
Index_X
Index_Z
List of Figures
List of Tables
List of Sidebars