.NET Development Security Solutions
.NET Development Security Solutions
ISBN: 0782142664
EAN: 2147483647
EAN: 2147483647
Year: 2003
Pages: 168
Pages: 168
Authors: John Paul Mueller
- Table of Contents
- BackCover
- .NET Development Security Solutions
- Introduction
- Who Should Read This Book?
- Tools Required
- Part I: Introduction to .NET Security
- Chapter 1: Understanding .NET Security
- An Overview of .NET Framework Enhancements
- Security Problems .NET Can t Stop
- .NET Framework Security Architecture Considerations
- Summary
- Chapter 2: .NET Framework Security Overview
- Locating the Security Information You Need
- Understanding the System.Runtime. Remoting.Contexts Namespace
- Understanding the System.Security Namespace
- Understanding the System.Security. Cryptography Namespace
- Understanding the System.Security. Permissions Namespace
- Understanding the System.Security. Policy Namespace
- Understanding the System.Security. Principal Namespace
- Understanding the System.Web. Security Namespace
- Understanding the System. DirectoryServices Namespace
- Summary
- Chapter 3: Avoiding Common Errors and Traps
- Preventing Data Entry Errors
- Stopping Buffer Overruns
- Controlling Access
- Avoiding Canonical Representation Issues
- Summary
- Part II: Desktop and LAN Security
- Chapter 4: .NET Role-Based Security Techniques
- Understanding How .NET Role-Based Security Differs
- Using the Permission View Tool
- Using the .NET Framework Configuration Tool
- Defining Effective Declarative Security
- Defining Effective Imperative Security
- Securing the Registry
- Developing a Secure Desktop Application Installation
- Summary
- Chapter 5: Policies and Code Groups in Detail
- Using the Code Access Security Policy Tool
- Using Code Groups
- Using Policy Objects
- Summary
- Chapter 6: Validation and Verification Issues
- Ensuring Trust in the Managed Environment
- Validating Your Code
- Relying on the AppDomain for Managed Code
- Extending the AppDomain to Unmanaged Code
- Summary
- Chapter 7: .NET Cryptographic Techniques
- Administering the Cryptographic Settings
- Understanding the Supported Cryptographic Methods
- Encrypting and Decrypting Files
- Using the System.Security. Cryptography. X509Certificates Namespace
- Using Hash Functions
- Summary
- Chapter 8: LAN Security Requirements
- Working with Sockets
- Understanding RPC Security
- Working with DCOM
- Developing a Secure Server Application Installation
- Working with COM
- Summary
- Part III: Web-based Security
- Chapter 9: Web Server Security
- Keeping the Server Safe
- Administering the Server
- Avoiding Distributed Denial of Service (DDOS) Attacks
- Overcoming Apparent Communication Errors
- Using Web-based Application Testing Techniques
- Developing a Secure Web-based Application Installation
- Summary
- Chapter 10: Web Data Security
- Defining the Database Connection
- Stemming the Tide of Leaking Information
- Implementing Data Encryption
- Understanding Remoting and Data Encryption
- Summary
- Chapter 11: Securing XML and Web Services
- Securing Web Services
- Using the System. Security. Cryptography. Xml Namespace
- Working with WS-Security
- Working with the eXtensible Access Control Markup Language
- Using the Visual Studio .NET Passport Features
- Using the Web Service Features of COM 1.5
- Summary
- Part IV: Other Security Topics
- Chapter 12: Active Directory Security
- Monitoring Active Directory
- Using Active Directory in Place of the Registry
- Understanding Domain Trust Relationships
- Managing Directory Services
- Summary
- Chapter 13: Wireless Device Security
- .NET Compact Framework Security Considerations
- The Two Environments of Wireless Programs
- Effects of Security Policy on Mobile Applications
- Component Calling Limitations
- Using the System.Web.Security Namespace
- Summary
- Chapter 14: Win32 API Overview
- Knowing When to Use the Win32 API
- Understanding the Windows Security API
- Considering Access Problems with the Win32 API
- Using the Access Control Editor
- Using the Security Configuration Editor
- Working with SIDs
- Accessing an ACE Directly
- Summary
- Chapter 15: Win32 API Advanced Techniques
- Working with the DACL
- Working with the SACL
- Securing Controls and Components
- Securing Files
- Using the RegGetKeySecurity() and RegSetKeySecurity() Functions
- Working with Remote Unmanaged Components
- Summary
- Glossary
- B
- C
- D
- E
- G
- H
- I
- J
- L
- M
- N
- O
- P
- R
- S
- T
- U
- W
- X
- Index
- Index_B
- Index_C
- Index_D
- Index_E
- Index_F
- Index_G
- Index_H
- Index_I
- Index_J
- Index_K
- Index_L
- Index_M
- Index_N
- Index_O
- Index_P
- Index_Q
- Index_R
- Index_S
- Index_T
- Index_U
- Index_V
- Index_W
- Index_X
- Index_Z
- List of Figures
- List of Tables
- List of Listings
- List of Sidebars
.NET Development Security Solutions
ISBN: 0782142664
EAN: 2147483647
EAN: 2147483647
Year: 2003
Pages: 168
Pages: 168
Authors: John Paul Mueller