- Security for Microsoft® Visual Basic® .NET
- Introduction
- I. Development Techniques
- 1. Encryption
- 2. Role-Based Authorization
- 3. Code-Access Security
- How Actions Are Considered Safe or Unsafe
- What Prevents Harmful Code from Executing?
- It’s On By Default
- Security Features and the Visual Basic .NET Developer
- Code-Access Security vs. Application Role-Based Security
- Run Your Code in Different Security Zones
- Code-Access Security in the Real World
- Summary
- 4. ASP.NET Authentication
- 5. Securing Web Applications
- II. Ensuring Hack-Resistant Code
- 6. Application Attacks and How to Avoid Them
- 7. Validating Input
- 8. Handling Exceptions
- 9. Testing for Attack-Resistant Code
- III. Deployment and Configuration
- 10. Securing Your Application for Deployment
- Deployment Techniques
- Code-Access Security and Deployment
- Certificates and Signing
- Deploying .NET Security Policy Updates
- Protecting Your Code—Obfuscation
- Deployment Checklist
- Deployment in the Real World
- Summary
- 11. Locking Down Windows, Internet Information Services, and .NET
- 12. Securing Databases
- 10. Securing Your Application for Deployment
- IV. Enterprise-Level Security
- 13. Ten Steps to Designing a Secure Enterprise System
- Design Challenges
- Step 1: Believe You Will Be Attacked
- Step 2: Design and Implement Security at the Beginning
- Step 3: Educate the Team
- Step 4: Design a Secure Architecture
- Step 5: Threat-Model the Vulnerabilities
- Step 6: Use Windows Security Features
- Step 7: Design for Simplicity and Usability
- Step 8: No Back Doors
- Step 9: Secure the Network with a Firewall
- Step 10: Design for Maintenance
- Summary
- 14. Threats—Analyze, Prevent, Detect, and Respond
- 15. Threat Analysis Exercise
- 16. Future Trends
- 13. Ten Steps to Designing a Secure Enterprise System
- A. Guide to the Code Samples
- B. Contents of SecurityLibrary.vb
- C. About the Authors
- Index
- About the Authors
O
- obfuscating code, Deploy .NET Enterprise Security Policy Updates
- off switches, Step 10: Design for Maintenance
- OleDbPermission, Security Zones and Permissions
- On ErrorGoTo statements, Exception Handling
- one-way cryptography, Encryption
- (see also )
- Open keyword, Draw Architectural Sketch and Review for Threats
- Operating System security restrictions, Code-Access Security Preempts Application Role-Based Security
- operating system vulnerabilities, non-Windows, The Arms Race of Hacking
- Owner-Admin model, Microsoft Access User-Level Security Models
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.