This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of ".NET Security for Architects"

From OWASP
Jump to: navigation, search
(Articles & Projects)
 
(29 intermediate revisions by the same user not shown)
Line 1: Line 1:
 +
{| align="right" class="wikitable"
 +
|-
 +
! OWASP .NET Quick Reference
 +
|-
 +
|
 +
*[[OWASP Code Review Project]]<br />
 +
*[[OWASP Testing Guide]]<br />
 +
|-
 +
|}
 
==.NET Security for Architects==
 
==.NET Security for Architects==
 
Security concerns must be addressed at the architectural level.  This section is to provide tools and guidance for the .NET architect.
 
Security concerns must be addressed at the architectural level.  This section is to provide tools and guidance for the .NET architect.
  
===Areas of Concerns===
+
===Areas of Concern===
*Conceptual Architecture
 
  
*Security Requirements & Threat Modeling
+
*[[.NET Application Lifecycle | .NET Application Lifecycle]]
  
*Design Review
+
*[[.NET Conceptual Architecture | Conceptual Architectures for .NET Web Applications and Services]]
  
*Requirements Testing
+
*[[.NET Identity Metasystem | Identity and Trust Architectural Concerns in .NET]]
  
*Implementation
+
*[[.NET Threat Modeling | Security Requirements & Threat Modeling]]
 +
 
 +
*[[.NET Design Review | Design Review and Checklists]]
 +
 
 +
*[[Separating Roles - Build Systems and Software Promotion]]
 +
 
 +
*[[Data Loss Prevention Concerns]]
 +
 
 +
===Articles & Projects===
  
===Articles===
 
 
[http://msdn2.microsoft.com/en-us/library/yedba920.aspx ASP.NET Security Architecture]
 
[http://msdn2.microsoft.com/en-us/library/yedba920.aspx ASP.NET Security Architecture]
  
Line 21: Line 36:
  
 
[http://en.wikipedia.org/wiki/WS-%2A Web Service Specifications]
 
[http://en.wikipedia.org/wiki/WS-%2A Web Service Specifications]
 +
 +
[http://www.codeplex.com/WCFSecurity Security Guidance for Windows Communication Foundation]
  
 
===References===
 
===References===
 +
 
[http://www.iasahome.org/web/home/home International Association of Software Architects]
 
[http://www.iasahome.org/web/home/home International Association of Software Architects]
  
Line 28: Line 46:
  
 
[http://channel9.msdn.com/wiki/default.aspx/SecurityWiki.HomePage Patterns and Practices Security Wiki]
 
[http://channel9.msdn.com/wiki/default.aspx/SecurityWiki.HomePage Patterns and Practices Security Wiki]
 +
 +
[http://www.microsoft.com/downloads/details.aspx?familyid=2412c443-27f6-4aac-9883-f55ba5b01814&displaylang=en&Hash=4fZb2FzZ7%2bmaj0VqoUbFZzzw0WW5%2bxWjK3XBVit5eX%2b%2bB90vmLtZlAstlNg9cRu6Pg%2b50DNCMhGT6ADei7DgFg%3d%3d Microsoft Security Development Lifecycle 3.2]
 +
  
 
===Tools===
 
===Tools===
 +
[http://www.microsoft.com/downloads/details.aspx?familyid=59888078-9daf-4e96-b7d1-944703479451&displaylang=en Microsoft Threat Analysis & Modeling v2.1.2]

Latest revision as of 03:47, 16 May 2008

OWASP .NET Quick Reference

.NET Security for Architects

Security concerns must be addressed at the architectural level. This section is to provide tools and guidance for the .NET architect.

Areas of Concern

Articles & Projects

ASP.NET Security Architecture

Security Engineering

Solutions to SOA Security

Web Service Specifications

Security Guidance for Windows Communication Foundation

References

International Association of Software Architects

Patterns and Practices

Patterns and Practices Security Wiki

Microsoft Security Development Lifecycle 3.2


Tools

Microsoft Threat Analysis & Modeling v2.1.2