With the spread of web-enabled desktop clients and web-server based
applications, developers can no longer afford to treat security as an
afterthought. It's one topic, in fact, that .NET forces you to address,
since Microsoft has placed security-related features at the core of the
.NET Framework. Yet, because a developer's carelessness or lack of
experience can still allow a program to be used in an unintended way,
Programming .NET Security shows you how the various tools will help
you write secure applications.The book works as both a comprehensive
tutorial and reference to security issues for .NET application
development, and contains numerous practical examples in both the C# and
VB.NET languages. With Programming .NET Security, you will learn to
apply sound security principles to your application designs, and to
understand the concepts of identity, authentication and authorization
and how they apply to .NET security. This guide also teaches you to:
- use the .NET run-time security features and .NET security namespaces
and types to implement best-practices in your applications, including
evidence, permissions, code identity and security policy, and role
based and Code Access Security (CAS) use the .NET cryptographic APIs,
from hashing and common encryption algorithms to digital signatures
and cryptographic keys, to protect your data.
- use COM+ component services in a secure manner
If you program with ASP.NET will also learn how to apply security to
your applications. And the book also shows you how to use the Windows
Event Log Service to audit Windows security violations that may be a
threat to your solution.Authors Adam Freeman and Allen Jones, early .NET
adopters and long-time proponents of an "end-to-end" security model,
based this book on their years of experience in applying security
policies and developing products for NASDAQ, Sun Microsystems, Netscape,
Microsoft, and others. With the .NET platform placing security at center
stage, the better informed you are, the more secure your project will
be.
