This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of ".NET Security for Architects"
From OWASP
(→Areas of Concern) |
(→Areas of Concern) |
||
Line 13: | Line 13: | ||
===Areas of Concern=== | ===Areas of Concern=== | ||
− | *[[.NET Application Lifecycle | Application Lifecycle]] | + | *[[.NET Application Lifecycle | .NET Application Lifecycle]] |
− | *[[.NET Conceptual Architecture | Conceptual | + | *[[.NET Conceptual Architecture | Conceptual Architectures for .NET Web Applications and Services]] |
− | *[[.NET Identity Metasystem | Identity and Trust Architectural Concerns]] | + | *[[.NET Identity Metasystem | Identity and Trust Architectural Concerns in .NET]] |
*[[.NET Threat Modeling | Security Requirements & Threat Modeling]] | *[[.NET Threat Modeling | Security Requirements & Threat Modeling]] |
Revision as of 03:33, 9 May 2008
.NET Security Quick Reference |
---|
.NET Security for Architects
Security concerns must be addressed at the architectural level. This section is to provide tools and guidance for the .NET architect.
Areas of Concern
- Design Review
- Requirements Testing
- Implementation
- Separating Roles - Build Systems and Software Promotion
- Protecting Data in Motion and at Rest (Data Loss Prevention)
Articles & Projects
References
International Association of Software Architects
Patterns and Practices Security Wiki
Microsoft Security Development Lifecycle 3.2