Difference between revisions of ".NET Security for Architects"

From OWASP
Jump to: navigation, search
(.NET Security for Architects)
(.NET Security for Architects)
Line 15: Line 15:
 
Security concerns must be addressed at the architectural level.  This section is to provide tools and guidance for the .NET architect.
 
Security concerns must be addressed at the architectural level.  This section is to provide tools and guidance for the .NET architect.
  
===Areas of Concern===
+
'''Areas of Concern'''
 
*Conceptual Architecture
 
*Conceptual Architecture
  
Line 28: Line 28:
 
*Separating Roles - Build Systems and Software Promotion
 
*Separating Roles - Build Systems and Software Promotion
  
===Articles===
+
'''Articles'''
 
[http://msdn2.microsoft.com/en-us/library/yedba920.aspx ASP.NET Security Architecture]
 
[http://msdn2.microsoft.com/en-us/library/yedba920.aspx ASP.NET Security Architecture]
  
Line 37: Line 37:
 
[http://en.wikipedia.org/wiki/WS-%2A Web Service Specifications]
 
[http://en.wikipedia.org/wiki/WS-%2A Web Service Specifications]
  
===References===
+
'''References'''
 
[http://www.iasahome.org/web/home/home International Association of Software Architects]
 
[http://www.iasahome.org/web/home/home International Association of Software Architects]
  

Revision as of 22:48, 31 March 2008

.NET Security for Architects

OWASP Project Quick Reference

Security concerns must be addressed at the architectural level. This section is to provide tools and guidance for the .NET architect.

Areas of Concern

  • Conceptual Architecture
  • Security Requirements & Threat Modeling
  • Design Review
  • Requirements Testing
  • Implementation
  • Separating Roles - Build Systems and Software Promotion

Articles ASP.NET Security Architecture

Security Engineering

Solutions to SOA Security

Web Service Specifications

References International Association of Software Architects

Patterns and Practices

Patterns and Practices Security Wiki

Tools