Difference between revisions of ".NET Security for Architects"

From OWASP
Jump to: navigation, search
Line 11: Line 11:
 
Security concerns must be addressed at the architectural level.  This section is to provide tools and guidance for the .NET architect.
 
Security concerns must be addressed at the architectural level.  This section is to provide tools and guidance for the .NET architect.
  
'''Areas of Concern'''
+
===Areas of Concern===
  
 
*Conceptual Architecture
 
*Conceptual Architecture
Line 25: Line 25:
 
*Separating Roles - Build Systems and Software Promotion
 
*Separating Roles - Build Systems and Software Promotion
  
'''Articles'''
+
===Articles===
  
 
[http://msdn2.microsoft.com/en-us/library/yedba920.aspx ASP.NET Security Architecture]
 
[http://msdn2.microsoft.com/en-us/library/yedba920.aspx ASP.NET Security Architecture]
Line 35: Line 35:
 
[http://en.wikipedia.org/wiki/WS-%2A Web Service Specifications]
 
[http://en.wikipedia.org/wiki/WS-%2A Web Service Specifications]
  
'''References'''
+
===References===
  
 
[http://www.iasahome.org/web/home/home International Association of Software Architects]
 
[http://www.iasahome.org/web/home/home International Association of Software Architects]
Line 43: Line 43:
 
[http://channel9.msdn.com/wiki/default.aspx/SecurityWiki.HomePage Patterns and Practices Security Wiki]
 
[http://channel9.msdn.com/wiki/default.aspx/SecurityWiki.HomePage Patterns and Practices Security Wiki]
  
'''Tools'''
+
===Tools===

Revision as of 00:19, 6 April 2008

.NET Security for Architects

Section Quick Reference

Security concerns must be addressed at the architectural level. This section is to provide tools and guidance for the .NET architect.

Areas of Concern

  • Conceptual Architecture
  • Security Requirements & Threat Modeling
  • Design Review
  • Requirements Testing
  • Implementation
  • Separating Roles - Build Systems and Software Promotion

Articles

ASP.NET Security Architecture

Security Engineering

Solutions to SOA Security

Web Service Specifications

References

International Association of Software Architects

Patterns and Practices

Patterns and Practices Security Wiki

Tools