Programming .NET Security

ISBN:0596004427
Pages:704
Date:2003-06
Publisher:O'Reilly
Rating:5.0

Read Programming .NET Security Online
1. Online Book Mirror [infosec.pku.edu.cn][CHM](TIP:right click and save)

    Book Description
With the spread of web-enabled desktop clients and web-server based applications, developers can no longer afford to treat security as an afterthought. It's one topic, in fact, that .NET forces you to address, since Microsoft has placed security-related features at the core of the .NET Framework. Yet, because a developer's carelessness or lack of experience can still allow a program to be used in an unintended way, Programming .NET Security shows you how the various tools will help you write secure applications. The book works as both a comprehensive tutorial and reference to security issues for .NET application development, and contains numerous practical examples in both the C# and VB.NET languages. With Programming .NET Security, you will learn to apply sound security principles to your application designs, and to understand the concepts of identity, authentication and authorization and how they apply to .NET security. This guide also teaches you to:

• use the .NET run-time security features and .NET security namespaces and types to implement best-practices in your applications, including evidence, permissions, code identity and security policy, and role based and Code Access Security (CAS) use the .NET cryptographic APIs , from hashing and common encryption algorithms to digital signatures and cryptographic keys, to protect your data.
• use COM+ component services in a secure manner

If you program with ASP.NET will also learn how to apply security to your applications. And the book also shows you how to use the Windows Event Log Service to audit Windows security violations that may be a threat to your solution. Authors Adam Freeman and Allen Jones, early .NET adopters and long-time proponents of an "end-to-end" security model, based this book on their years of experience in applying security policies and developing products for NASDAQ, Sun Microsystems, Netscape, Microsoft, and others. With the .NET platform placing security at center stage, the better informed you are, the more secure your project will be. /p>
Reviews From AMAZON.COM
Don't think twice, just buy this book
One of the best book that I will strogly recommend for any one who wants to understand .NET security subject. I was grappling with CAS for some time and how hard I would try, still I could not explain code group, permission and evidence and how they are interlinked. Not only authors have done a tremendous job at explaining CAS but cryptography is yet another section they have done great justice to. The diagrams in this chapter very clearly explains the key concepts of cryptography. A great book that will not disappoint you.
Best .NET security book I've seen
While there is a lot of talk about .NET security, relatively little can be found in terms of documentation, which is one reason why this book is so refreshing. In addition to discussing some of the reasons behind certain security schemes, the theory is explained as well as the C# implementation. While there are some .NET specific security issues discussed (e.g. configuring worker processes), the section on cryptography should be required reading for everyone in the computer industry.I get really excited about a book when it contains a lot of good information and I am able to actually use it to solve real-world problems. After reading this book, I was able to help solve a really tricky (and politically challenging) security issue quite quickly. If you have anything to do with your company's security systems or write any .NET code, I think this book deserves a place in your reference section. This is certainly the best book on .NET security I have read thus far.