Programming .NET Security

Programming .NET Security

5.0 1
by Adam Freeman, Allen Jones
     
 

View All Available Formats & Editions

With the spread of web-enabled desktop clients and web-server based applications, developers can no longer afford to treat security as an afterthought. It's one topic, in fact, that .NET forces you to address, since Microsoft has placed security-related features at the core of the .NET Framework. Yet, because a developer's carelessness or lack of experience can

…  See more details below

Overview

With the spread of web-enabled desktop clients and web-server based applications, developers can no longer afford to treat security as an afterthought. It's one topic, in fact, that .NET forces you to address, since Microsoft has placed security-related features at the core of the .NET Framework. Yet, because a developer's carelessness or lack of experience can still allow a program to be used in an unintended way, Programming .NET Security shows you how the various tools will help you write secure applications.The book works as both a comprehensive tutorial and reference to security issues for .NET application development, and contains numerous practical examples in both the C# and VB.NET languages. With Programming .NET Security, you will learn to apply sound security principles to your application designs, and to understand the concepts of identity, authentication and authorization and how they apply to .NET security. This guide also teaches you to:

  • use the .NET run-time security features and .NET security namespaces and types to implement best-practices in your applications, including evidence, permissions, code identity and security policy, and role based and Code Access Security (CAS) use the .NET cryptographic APIs , from hashing and common encryption algorithms to digital signatures and cryptographic keys, to protect your data.
  • use COM+ component services in a secure manner
If you program with ASP.NET will also learn how to apply security to your applications. And the book also shows you how to use the Windows Event Log Service to audit Windows security violations that may be a threat to your solution.Authors Adam Freeman and Allen Jones, early .NET adopters and long-time proponents of an "end-to-end" security model, based this book on their years of experience in applying security policies and developing products for NASDAQ, Sun Microsystems, Netscape, Microsoft, and others. With the .NET platform placing security at center stage, the better informed you are, the more secure your project will be.

Read More

Product Details

ISBN-13:
9780596552275
Publisher:
O'Reilly Media, Incorporated
Publication date:
06/27/2003
Sold by:
Barnes & Noble
Format:
NOOK Book
Pages:
718
File size:
6 MB

Meet the Author

Adam Freeman is a professional programmer and the author of two early Java books, Programming the Internet with Java and Active Java, both published by Addison Wesley, as well as Java course materials. His recent experience architecting a green-field e-commerce platform has given him an in-depth understanding of the current security challenges facing those developing large scale distributed systems. Adam has previously worked for Netscape, Sun Microsystems and the NASDAQ stock exchange.

Allen Jones has been developing Windows® solutions since 1990 and working with Windows NT and Win32 since 1993. He was one of the first MCSEs to qualify anywhere in the world. For the last 3 years, Allen has been developing e-commerce and security systems for large corporations and financial institutions. He is a former employee of Microsoft® in both Australia and the UK and co-author, with Adam Freeman, of C# for Java Developers and .NET XML Web Services Step by Step , both from Microsoft Press®.

Read More

Customer Reviews

Average Review:

Write a Review

and post it to your social network

     

Most Helpful Customer Reviews

See all customer reviews >

Programming .NET Security 5 out of 5 based on 0 ratings. 1 reviews.
Guest More than 1 year ago
You really are not a true .NET Programmer until you understand the security mechanisms that are part and parcel with the framework. To program in .NET (or really any component-oriented technology) without security in mind is like parachuting without one strapped to your back. I was waiting for a book like this. Before this book I've had to scour over the internet to try to find out how to get the different areas of security in .NET to work. Now it¿s all here in one book. The theory, the explanations, the warnings, the samples. If you are a serious .NET programmer or .NET policy administrator then this is a must have book. If you don¿t know the difference between ¿host evidence¿ and ¿assembly evidence¿, then you need this book. If you don¿t know the difference between a ¿security demand¿ and a ¿permission request¿, then you are dangerous to the people you do work for. Also, make sure you know the basics already of the language and the framework since this book assumes you do. Good luck.