Author(s) : Adam Freeman, Allen Jones
Publisher : O'Reilly
Year : Jun 2003
ISBN 10 : 0596004427
ISBN 13 : 9780596004422
Language : English
Pages : 714
File type : CHM
Size : 2.8 MB (book + source code)
With the spread of web-enabled desktop clients and web-server based applications, developers can no longer afford to treat security as an afterthought. It's one topic, in fact, that .NET forces you to address, since Microsoft has placed security-related features at the core of the .NET Framework. Yet, because a developer's carelessness or lack of experience can still allow a program to be used in an unintended way, Programming .NET Security shows you how the various tools will help you write secure applications.
The book works as both a comprehensive tutorial and reference to security issues for .NET application development, and contains numerous practical examples in both the C# and VB.NET languages. With Programming .NET Security, you will learn to apply sound security principles to your application designs, and to understand the concepts of identity, authentication and authorization and how they apply to .NET security.
If you program with ASP.NET will also learn how to apply security to your applications. And the book also shows you how to use the Windows Event Log Service to audit Windows security violations that may be a threat to your solution. Authors Adam Freeman and Allen Jones, early .NET adopters and long-time proponents of an "end-to-end" security model, based this book on their years of experience in applying security policies and developing products for NASDAQ, Sun Microsystems, Netscape, Microsoft, and others. With the .NET platform placing security at center stage, the better informed you are, the more secure your project will be.
Programming .NET Security was written for two groups of people. First, we wrote for the architects and designers of .NET applications who must understand the capabilities and limitations of .NET security to factor them into their designs and plans. Each chapter in Parts II, III, and IV begins with a detailed discussion that describes the technology but does not go to the level of discussing individual classes and methods.
Second, we wrote for all C# and Visual Basic .NET programmers who want to know how to use the features of the .NET Framework to write more secure applications. Following a technical introduction, each chapter in Parts II, III, and IV contains a detailed explanation of how to program the features of the .NET Framework being discussed; numerous code samples accompany these sections to clarify the points being made. Specifically for advanced programmers, our discussions of code-access security and cryptography contain fully worked examples on how to extend the .NET Framework security mechanisms.
This book is focused on .NET Framework security programming; we assume no prior exposure to the .NET security classes, but expect the reader to have basic experience as a competent C# or Visual Basic .NET programmer.
