Difference between revisions of ".NET Security for Architects"

From OWASP
Jump to: navigation, search
Line 11: Line 11:
  
 
===Areas of Concern===
 
===Areas of Concern===
 +
 +
*Application Lifecycle
  
 
*Conceptual Architecture
 
*Conceptual Architecture
Line 41: Line 43:
  
 
[http://channel9.msdn.com/wiki/default.aspx/SecurityWiki.HomePage Patterns and Practices Security Wiki]
 
[http://channel9.msdn.com/wiki/default.aspx/SecurityWiki.HomePage Patterns and Practices Security Wiki]
 +
 +
[http://www.microsoft.com/downloads/details.aspx?familyid=2412c443-27f6-4aac-9883-f55ba5b01814&displaylang=en&Hash=4fZb2FzZ7%2bmaj0VqoUbFZzzw0WW5%2bxWjK3XBVit5eX%2b%2bB90vmLtZlAstlNg9cRu6Pg%2b50DNCMhGT6ADei7DgFg%3d%3d Microsoft Security Development Lifecycle 3.2]
 +
  
 
===Tools===
 
===Tools===

Revision as of 10:38, 13 April 2008

.NET Security Quick Reference

Contents

.NET Security for Architects

Security concerns must be addressed at the architectural level. This section is to provide tools and guidance for the .NET architect.

Areas of Concern

  • Application Lifecycle
  • Conceptual Architecture
  • Security Requirements & Threat Modeling
  • Design Review
  • Requirements Testing
  • Implementation
  • Separating Roles - Build Systems and Software Promotion

Articles

ASP.NET Security Architecture

Security Engineering

Solutions to SOA Security

Web Service Specifications

References

International Association of Software Architects

Patterns and Practices

Patterns and Practices Security Wiki

Microsoft Security Development Lifecycle 3.2


Tools