Difference between revisions of ".NET Security for Architects"

Latest revision as of 03:47, 16 May 2008

OWASP .NET Quick Reference
OWASP Code Review Project OWASP Testing Guide

[hide]

Security concerns must be addressed at the architectural level. This section is to provide tools and guidance for the .NET architect.

@@ Line 1: / Line 1: @@
 {| align="right" class="wikitable"
 |-
-! .NET Security Quick Reference
+! OWASP .NET Quick Reference
 |-
 |
+*[[OWASP Code Review Project]]<br />
 *[[OWASP Testing Guide]]<br />
 |-
@@ Line 12: / Line 13: @@
 ===Areas of Concern===
-*Application Lifecycle
+*[[.NET Application Lifecycle | .NET Application Lifecycle]]
-*Conceptual Architecture
+*[[.NET Conceptual Architecture | Conceptual Architectures for .NET Web Applications and Services]]
-*Security Requirements & Threat Modeling
+*[[.NET Identity Metasystem | Identity and Trust Architectural Concerns in .NET]]
-*Design Review
+*[[.NET Threat Modeling | Security Requirements & Threat Modeling]]
-*Requirements Testing
+*[[.NET Design Review | Design Review and Checklists]]
-*Implementation
+*[[Separating Roles - Build Systems and Software Promotion]]
-*Separating Roles - Build Systems and Software Promotion
+*[[Data Loss Prevention Concerns]]
-===Articles===
+===Articles & Projects===
 [http://msdn2.microsoft.com/en-us/library/yedba920.aspx ASP.NET Security Architecture]
@@ Line 35: / Line 36: @@
 [http://en.wikipedia.org/wiki/WS-%2A Web Service Specifications]
+[http://www.codeplex.com/WCFSecurity Security Guidance for Windows Communication Foundation]
 ===References===
@@ Line 48: / Line 51: @@
 ===Tools===
+[http://www.microsoft.com/downloads/details.aspx?familyid=59888078-9daf-4e96-b7d1-944703479451&displaylang=en Microsoft Threat Analysis & Modeling v2.1.2]