This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of ".NET Security for Architects"
From OWASP
(→Articles) |
|||
Line 29: | Line 29: | ||
*Protecting Data in Motion and at Rest (Data Loss Prevention) | *Protecting Data in Motion and at Rest (Data Loss Prevention) | ||
− | ===Articles=== | + | ===Articles & Projects=== |
[http://msdn2.microsoft.com/en-us/library/yedba920.aspx ASP.NET Security Architecture] | [http://msdn2.microsoft.com/en-us/library/yedba920.aspx ASP.NET Security Architecture] |
Revision as of 03:18, 27 April 2008
.NET Security Quick Reference |
---|
.NET Security for Architects
Security concerns must be addressed at the architectural level. This section is to provide tools and guidance for the .NET architect.
Areas of Concern
- Application Lifecycle
- Conceptual Architecture
- Security Requirements & Threat Modeling
- Design Review
- Requirements Testing
- Implementation
- Separating Roles - Build Systems and Software Promotion
- Protecting Data in Motion and at Rest (Data Loss Prevention)
Articles & Projects
References
International Association of Software Architects
Patterns and Practices Security Wiki
Microsoft Security Development Lifecycle 3.2