This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of ".NET Security for Architects"
From OWASP
Line 11: | Line 11: | ||
===Areas of Concern=== | ===Areas of Concern=== | ||
+ | |||
+ | *Application Lifecycle | ||
*Conceptual Architecture | *Conceptual Architecture | ||
Line 41: | Line 43: | ||
[http://channel9.msdn.com/wiki/default.aspx/SecurityWiki.HomePage Patterns and Practices Security Wiki] | [http://channel9.msdn.com/wiki/default.aspx/SecurityWiki.HomePage Patterns and Practices Security Wiki] | ||
+ | |||
+ | [http://www.microsoft.com/downloads/details.aspx?familyid=2412c443-27f6-4aac-9883-f55ba5b01814&displaylang=en&Hash=4fZb2FzZ7%2bmaj0VqoUbFZzzw0WW5%2bxWjK3XBVit5eX%2b%2bB90vmLtZlAstlNg9cRu6Pg%2b50DNCMhGT6ADei7DgFg%3d%3d Microsoft Security Development Lifecycle 3.2] | ||
+ | |||
===Tools=== | ===Tools=== |
Revision as of 15:38, 13 April 2008
.NET Security Quick Reference |
---|
.NET Security for Architects
Security concerns must be addressed at the architectural level. This section is to provide tools and guidance for the .NET architect.
Areas of Concern
- Application Lifecycle
- Conceptual Architecture
- Security Requirements & Threat Modeling
- Design Review
- Requirements Testing
- Implementation
- Separating Roles - Build Systems and Software Promotion
Articles
References
International Association of Software Architects
Patterns and Practices Security Wiki
Microsoft Security Development Lifecycle 3.2