Difference between revisions of ".NET Security for Architects"

From OWASP
Jump to: navigation, search
(Articles & Projects)
 
(10 intermediate revisions by one user not shown)
Line 1: Line 1:
 
{| align="right" class="wikitable"
 
{| align="right" class="wikitable"
 
|-
 
|-
! .NET Security Quick Reference
+
! OWASP .NET Quick Reference
 
|-  
 
|-  
 
|  
 
|  
Line 13: Line 13:
 
===Areas of Concern===
 
===Areas of Concern===
  
*Application Lifecycle
+
*[[.NET Application Lifecycle | .NET Application Lifecycle]]
  
*Conceptual Architecture
+
*[[.NET Conceptual Architecture | Conceptual Architectures for .NET Web Applications and Services]]
  
*Security Requirements & Threat Modeling
+
*[[.NET Identity Metasystem | Identity and Trust Architectural Concerns in .NET]]
  
*Design Review
+
*[[.NET Threat Modeling | Security Requirements & Threat Modeling]]
  
*Requirements Testing
+
*[[.NET Design Review | Design Review and Checklists]]
  
*Implementation
+
*[[Separating Roles - Build Systems and Software Promotion]]
  
*Separating Roles - Build Systems and Software Promotion
+
*[[Data Loss Prevention Concerns]]
  
*Protecting Data in Motion and at Rest (Data Loss Prevention)
+
===Articles & Projects===
 
+
===Articles===
+
  
 
[http://msdn2.microsoft.com/en-us/library/yedba920.aspx ASP.NET Security Architecture]
 
[http://msdn2.microsoft.com/en-us/library/yedba920.aspx ASP.NET Security Architecture]
Line 38: Line 36:
  
 
[http://en.wikipedia.org/wiki/WS-%2A Web Service Specifications]
 
[http://en.wikipedia.org/wiki/WS-%2A Web Service Specifications]
 +
 +
[http://www.codeplex.com/WCFSecurity Security Guidance for Windows Communication Foundation]
  
 
===References===
 
===References===
Line 51: Line 51:
  
 
===Tools===
 
===Tools===
 +
[http://www.microsoft.com/downloads/details.aspx?familyid=59888078-9daf-4e96-b7d1-944703479451&displaylang=en Microsoft Threat Analysis & Modeling v2.1.2]

Latest revision as of 22:47, 15 May 2008

OWASP .NET Quick Reference

Contents

.NET Security for Architects

Security concerns must be addressed at the architectural level. This section is to provide tools and guidance for the .NET architect.

Areas of Concern

Articles & Projects

ASP.NET Security Architecture

Security Engineering

Solutions to SOA Security

Web Service Specifications

Security Guidance for Windows Communication Foundation

References

International Association of Software Architects

Patterns and Practices

Patterns and Practices Security Wiki

Microsoft Security Development Lifecycle 3.2


Tools

Microsoft Threat Analysis & Modeling v2.1.2