This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of ".NET Security for Architects"
From OWASP
(→Areas of Concern) |
(→Areas of Concern) |
||
Line 15: | Line 15: | ||
*[[.NET Application Lifecycle | Application Lifecycle]] | *[[.NET Application Lifecycle | Application Lifecycle]] | ||
− | *Conceptual Architecture | + | *[[.NET Conceptual Architecture | Conceptual Architecture for Web Applications and Services]] |
− | *Security Requirements & Threat Modeling | + | *[[.NET Identity Metasystem | Identity and Trust Architectural Concerns]] |
+ | |||
+ | *[[.NET Threat Modeling | Security Requirements & Threat Modeling]] | ||
*Design Review | *Design Review |
Revision as of 03:31, 9 May 2008
.NET Security Quick Reference |
---|
.NET Security for Architects
Security concerns must be addressed at the architectural level. This section is to provide tools and guidance for the .NET architect.
Areas of Concern
- Design Review
- Requirements Testing
- Implementation
- Separating Roles - Build Systems and Software Promotion
- Protecting Data in Motion and at Rest (Data Loss Prevention)
Articles & Projects
References
International Association of Software Architects
Patterns and Practices Security Wiki
Microsoft Security Development Lifecycle 3.2