- Paperback: 816 pages
- Publisher: Addison-Wesley Professional; 1 edition (April 24 2002)
- Language: English
- ISBN-10: 067232184X
- ISBN-13: 978-0672321849
- Product Dimensions: 23.2 x 18.5 x 4.5 cm
- Shipping Weight: 1.3 Kg
- Average Customer Review: 3.8 out of 5 stars See all reviews (13 customer reviews)
- Amazon Bestsellers Rank: #1,331,424 in Books (See Top 100 in Books)
- See Complete Table of Contents
|
||||||||||||||||||
|
||||||||||||||||||
|
||||||||||||||||||
Product Details |
Product Description
Book Description
.NET Framework Security is the authoritative, comprehensive, technical guide to the security features of the .NET platform written by the Microsoft developers who are writing, testing and executing those very features.
The six co-authors are all core members of the common language runtime team and have been at the heart of .NET Security development at Microsoft
This book is a "must have" shelf reference for all serious developers and potential administrators of the .NET Framework.
Includes anecdotes, tips and "what if" scenarios based upon Microsoft developers actual experiences, both past and present. .NET Framework Security contains security features of the .NET Framework and Common Language Runtime. The focus is on the new technologies introduced with .NET, with treatment of existing technologies as leveraged by .NET (but not those existing technologies themselves)
Sebastian Lange, Brian LaMacchia, Rudi Martin, Matthew Lyons, Greg Singleton and Brian Pratt, Common Language Runtime Team, Microsoft Corporation.
The six co-authors are all core members of the common language runtime team and have been at the heart of .NET Security development at Microsoft
This book is a "must have" shelf reference for all serious developers and potential administrators of the .NET Framework.
Includes anecdotes, tips and "what if" scenarios based upon Microsoft developers actual experiences, both past and present. .NET Framework Security contains security features of the .NET Framework and Common Language Runtime. The focus is on the new technologies introduced with .NET, with treatment of existing technologies as leveraged by .NET (but not those existing technologies themselves)
Sebastian Lange, Brian LaMacchia, Rudi Martin, Matthew Lyons, Greg Singleton and Brian Pratt, Common Language Runtime Team, Microsoft Corporation.
From the Back Cover
In 1997, Microsoft embarked on a "bet the company" strategy that was to reinvent the way the company did business. Even before its release, .NET made major strides in reinventing the way that software developers viewed the software they wrote.
Now that it is released, .NET and the .NET Framework will change the software development process for good.
.NET Framework Security provides the ultimate high-end comprehensive reference to all of the new security features available in .NET. Through extensive code samples and step-by-step walkthroughs of configuration techniques, the reader is taken deep into the world of secure applications. Demonstrations of creating custom procedures and a full explanation of each aspect separate this book from many other "lecture books." Many of the concepts expressed in this book are not only viable in .NET, but on the Internet in general. These factors combined make this the one reference that every developer and system administrator should have.
.NET Framework Security provides
- An extensive introduction to explanation of Code Access Security, the powerful new security system shipping in the .NET Framework
- Information on how to write and test safe applications using the .NET Framework
- Extensive coverage on how to effectively administer .NET Framework security
- In-depth introduction to the cryptography library shipping in the .NET Framework, including an introduction to XML digital signatures
- An overview of all of the new security features available in .NET
- Code samples that can be used to implement security on your own Web site or application
- Step-by-step guidelines for modifying the various configuration files associated with .NET, and an explanation of the elements involved
- Instructions for all of the aspects of security in the CLR and what it means
- How to use ASP.NET to create a secure application
- Explanations for using the CryptoAPI libraries to create your own custom functionality
- Guidelines on how to create secure network applications as well as applications that exist on the Internet
- Detailed examples of how to establish security parameters in IIS that relate to ASP.NET
- Instructions for administering .NET applications hosted in IE
067232184XB04232002
Tag this product(What's this?)Think of a tag as a keyword or label you consider is strongly related to this product.
Tags will help all customers organize and find favorite items. |
Customer Reviews
|
Share your thoughts with other customers:
|
||||||||||||||||||||||
|
Most helpful customer reviews
2.0 out of 5 stars
Good material on CAS, TERRIBLE material on ASP.NET Security,
By
This review is from: .NET Framework Security (Paperback)
Four of the authors do a reasonably good job explaining the whole concept of CAS. At times, they seem to be repeating themselves, but the result is that you cannot walk away without understanding what they wanted you to understand because of this repetition.The downside of this book is the material by Kevin T. Price. They delegated the ASP.NET/Web security to him. Much of his work is a cut and paste of the SDK docs. For his examples, he uses the grid layout of ASP.NET, which makes the declarative code completely unreadable. He leaves in all of the code generated by Visual Studio.NET, despite its irrelevance. He spends a great deal of time discussing IIS configuration, which you might argue is not relevant to the subject matter at hand (this should be a very specialized book, and it is everywhere else). He refers us to a code download on the Sam's website - unfortunately, Sam's is not the publisher of this book. He puts in some sample JSP code for no apparent reason, apparently to teach us about diversity in the web environment. When you buy a book on .NET Framework Security, it is probably because you are interested in .NET, and not because you are interested in the web development ecosystem. Finally, his grand finale chapter is on writing a secure web application. All he manages to achieve here is to create a forms auth login page. Even more troubling is the fact that this sample - in a book on *security* - has a glaring SQL Injection Vulnerability. The one thing he creates is completely and disturbingly wrong. Web developers who buy this book to write more secure applications are likely to end up writing even worse applications by implementing his ideas. Read this book if you want to learn about CAS. Do not stop at this book if you actually need to write secure web applications - in fact, don't even start here. You're better off sticking with the PAG materials.
4.0 out of 5 stars
A great starting point,
By
This review is from: .NET Framework Security (Paperback)
This book is an excellent starting point for understanding the .NET framework security mechanisms. Especially code access security. Its only real failings are the lack of depth in a few obscure areas (details around simulating permissions that might be granted to an app deployed via the Internet and hosted in IE). You could glean most of this information from the internet and spend a month doing it, like I did. Or spend $$$ and few hours reading this well written book.
4.0 out of 5 stars
Good Information,
By Elijah D "dev1zero" (Bothell, WA United States) - See all my reviews
This review is from: .NET Framework Security (Paperback)
When I was assigned the task of finding out what .NET security was all about in the web environment, I didn't know what I was getting into. The whole .NET security infrastructure is really a handful. This book helps the reader understand what its all about.Another thing I like about the book is the fact that it has short chapters. This made it easier for me to read through it with above average speed.
Share your thoughts with other customers: Create your own review
Want to see more reviews on this item?
|
Most recent customer reviews |
Listmania!
Look for similar items by category
- Books > Business & Investing > Industries & Professions > E-commerce
- Books > Computers & Internet > Business & Culture > Privacy
- Books > Computers & Internet > Certification Central > Exams > Security+
- Books > Computers & Internet > Microsoft > Networking
- Books > Computers & Internet > Networking > Network Security
- Books > Computers & Internet > Networking > Networks, Protocols & APIs
- Books > Computers & Internet > Programming > Software Design, Testing & Engineering > Software Development
- Books > Computers & Internet > Software
- Books > Computers & Internet > Web Development > Security & Encryption > Encryption
Look for similar items by subject
Feedback
Would you like to update product info or give feedback on images?
