Difference between revisions of ".NET Security for Architects"

From OWASP
Jump to: navigation, search
(.NET Security for Architects)
(.NET Security for Architects)
Line 16: Line 16:
  
 
'''Areas of Concern'''
 
'''Areas of Concern'''
 +
 
*Conceptual Architecture
 
*Conceptual Architecture
  
Line 29: Line 30:
  
 
'''Articles'''
 
'''Articles'''
 +
 
[http://msdn2.microsoft.com/en-us/library/yedba920.aspx ASP.NET Security Architecture]
 
[http://msdn2.microsoft.com/en-us/library/yedba920.aspx ASP.NET Security Architecture]
  
Line 38: Line 40:
  
 
'''References'''
 
'''References'''
 +
 
[http://www.iasahome.org/web/home/home International Association of Software Architects]
 
[http://www.iasahome.org/web/home/home International Association of Software Architects]
  
Line 44: Line 47:
 
[http://channel9.msdn.com/wiki/default.aspx/SecurityWiki.HomePage Patterns and Practices Security Wiki]
 
[http://channel9.msdn.com/wiki/default.aspx/SecurityWiki.HomePage Patterns and Practices Security Wiki]
  
===Tools===
+
'''Tools'''

Revision as of 22:49, 31 March 2008

.NET Security for Architects

OWASP Project Quick Reference

Security concerns must be addressed at the architectural level. This section is to provide tools and guidance for the .NET architect.

Areas of Concern

  • Conceptual Architecture
  • Security Requirements & Threat Modeling
  • Design Review
  • Requirements Testing
  • Implementation
  • Separating Roles - Build Systems and Software Promotion

Articles

ASP.NET Security Architecture

Security Engineering

Solutions to SOA Security

Web Service Specifications

References

International Association of Software Architects

Patterns and Practices

Patterns and Practices Security Wiki

Tools