This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of ".NET Security for Architects"

From OWASP
Jump to: navigation, search
(Areas of Concern)
(Areas of Concern)
Line 13: Line 13:
 
===Areas of Concern===
 
===Areas of Concern===
  
*[[.NET Application Lifecycle | Application Lifecycle]]
+
*[[.NET Application Lifecycle | .NET Application Lifecycle]]
  
*[[.NET Conceptual Architecture | Conceptual Architecture for Web Applications and Services]]
+
*[[.NET Conceptual Architecture | Conceptual Architectures for .NET Web Applications and Services]]
  
*[[.NET Identity Metasystem | Identity and Trust Architectural Concerns]]
+
*[[.NET Identity Metasystem | Identity and Trust Architectural Concerns in .NET]]
  
 
*[[.NET Threat Modeling | Security Requirements & Threat Modeling]]
 
*[[.NET Threat Modeling | Security Requirements & Threat Modeling]]

Revision as of 03:33, 9 May 2008

.NET Security Quick Reference

.NET Security for Architects

Security concerns must be addressed at the architectural level. This section is to provide tools and guidance for the .NET architect.

Areas of Concern

  • Design Review
  • Requirements Testing
  • Implementation
  • Separating Roles - Build Systems and Software Promotion
  • Protecting Data in Motion and at Rest (Data Loss Prevention)

Articles & Projects

ASP.NET Security Architecture

Security Engineering

Solutions to SOA Security

Web Service Specifications

References

International Association of Software Architects

Patterns and Practices

Patterns and Practices Security Wiki

Microsoft Security Development Lifecycle 3.2


Tools