Book Review:
Amazon.com
"Web-based applications" is getting to be a redundant term, but that only highlights the fact that up-to-date programmers need to be familiar with the strategies and practices used to build modern networked software. Designing Secure Web-Based Applications for Microsoft Windows 2000 explains precisely what its title specifies: the mechanisms for allowing Windows programs to communicate over the network while maintaining security, plus their ways of fitting into complete product architectures. It's a complete engineering document with considerable information on identifying security threats, giving them relative weight, and deciding how to deal with them in the designs of your systems. The author has both done his homework and worked in the industry, and it's a pleasure to read his distilled knowledge.
Early sections are rather academic (which is not to say they're not worthwhile), while later sections deal with specific security strategies and the security features of particular products. The author isn't vague--he tells you how he thinks you should design your programs (storing hashes, instead of passwords, in a database to allow for intrusion into the database, for example) and what specifically you need to do (there's enough code here to give heft to what otherwise would be purely high-level advice). Although the author sticks to the Microsoft world, he isn't reluctant to point out security problems in Windows. This is a great volume for anyone designing Windows software that will share information over a network and need to use authentication, nonrepudiation, encryption, and other security techniques. --David Wall
Topics covered: Network security features of Windows 2000, Internet Explorer 5.0, SQL Server 7.0, SQL Server 2000, and COM+ 1.0, as well as the engineering tradeoffs involved in making software secure enough for safety, but open enough for reliability.
Book Description
Bullet-proof security is one of the strengths of Microsoft Windows 2000, but until now, no one has presented a complete picture of Windows 2000 Web server, component-level, and database security features and considerations. DESIGNING SECURE WEB-BASED APPLICATIONS FOR MICROSOFT WINDOWS 2000 offers an integrated, authoritative, pragmatic, end-to-end view of Windows 2000 security topics. The book starts by providing a solid foundation in Windows 2000 security theory and concepts, explaining the key software design considerations for various categories and levels of security, and showing how isolated security "islands" interact. It explains core security issues such as risk analysis, threats, authentication, authorization, and privacy, and then discusses ways to apply the appropriate security to an application to mitigate risk. It covers a range of security technologies such as NTLM authentication, Kerberos authentication, SSL/TLS, CryptoAPI, ACLs, Active Directory(tm), Certificates, Web security capabilities, and COM+ security. Finally, the author uses Web services, certificates, components, and database access to build a Web-based application (included on a companion CD) to show how Windows 2000 security features work in concert to protect applications and data.
 add to del.icio.us
 Digg Freebookzone.com!
You may use anyone of the download options
Missing Link?, Report It and you may wish to find Similar Books from amazon.
Similar Book titles in MS Web Technologies section:
Web Applications Developers Guide
Web Application
Programming Microsoft Internet Explorer 5
Microsoft Commerce Solutions Web Technology
VisualWorks Web GUI Developers Guide
ASP.net Web Developer's Guide
Similar Book titles in Other sections:
Section: Applications
How to Use Microsoft Publisher 98
Microsoft Access 97 Quick Reference
Microsoft Excel 97 Quick Reference
Microsoft Internet Explorer 3 0 Unleashed
Section: Bio-Chemistry
Molecular Biology Web Book - Web Book Publications
Section: CS -> Compilers and Languages
Semantics with Applications: A Formal Introduction
Inductive Logic Programming - Techniques and Applications
Tree Automata Techniques and Applications
Section: Data Structures and Algorithms
Algorithms and Data Structures in VLSI Design: OBDD - Foundations and Applications
Algorithms for Communications Systems and their Applications
Computational Geometry: Methods and Applications
Section: CS -> Hardware
Designing Computers and Digital Systems
Section: Parallel Computing
Designing and Building Parallel Programs
Section: CS -> Theory
Capability-Based Computer Systems
Section: DB -> DB / 2
DB2 UDB/WebSphere Performance Tuning Guide
IBM DB2 Building Applications for UNIX Environments
Section: DB -> Oracle
High Performance Oracle Database Applications
Special Edition Using Oracle Web Application Server 3
High Performance Oracle Database Automation: Creating Oracle Applications with SQL and PL/SQL
Developing Client/Server Applications With Oracle Developer/2000
Developing Personal Oracle 7 for Windows 95 Applications
Show all..
Section: DB -> Others
Introduction to Databases for the Web
Introduction to Databases for Web Developers
Sybase Stored Procedures for the World Wide Web
SQL Server 2000 High Availability
Section: DB -> Postgre SQL
Build Your Own Database Driven Website Using PHP and MySQL
Section: DB -> SQL
Section: DB -> SQL Server
Inside Microsoft SQL Server 2000
Inside Microsoft SQL Server 7.0
Special Edition Using Microsoft SQL Server 6.5 (2nd Edition)
Microsoft SQL Server 2000 Administrator's Pocket Consultant
Section: Computer Hardware
Hardware Design Guide for Microsoft Windows NT Server
Hardware Design Guide for Microsoft Windows 2000 Server
Section: Device Drivers
Introduction to Writing Windows CE Display Drivers
Windows MultiMedia System Book
Writing Windows NT Device Drivers
Section: Logic Design and Architecture
Logic Design for Array-Based Circuits: A Structured Design Methodology
Designing Analog Chips
Section: Peripherals
SCSI Object Based Storage Device Commands (OSD)
Section: Internet
The XML Files : Using XML for Business-to-Business and Business-to-Consumer Applications
Software Engineering for Internet Applications (Workbook)
Using Microsoft Exchange Server
Spinning the Web
Webmaster Expert Solutions
Show all..
Section: Java Enterprise Edition
Designing Enterprise Applications with J2EE
J2EE Technology in Practice: Building Business Applications with the Java2 Platform
The Java Web Services Tutorial
Designing Enterprise Applications with the J2EE Platform
BEA WebLogic Server 8.1 Unleashed
Show all..
Section: Java User Interface
Creating Web Applets with Java
Section: Java Micro Edition
Using WebSphere Studio Device Developer to Build Embedded Java Applications
Section: Java Networking
Web Programming with Java
Developing Intranet Applications with Java
Section: Java Tools
Building AS/400 Internet-Based Applications with Java
Creating Java Applications using NetRexx
Using VisualAge for Java Enterprise Version 2 to Develop CORBA & EJB Applications
Integrating Java with Existing Data and Applications on OS/390
Section: Mathematics
Elementary Algebra with Applications, 3rd Edition
Foundations of Combinatorics with Applications
Mathematics Of The Discrete Fourier Transform (DFT) - With Audio Applications
Introduction To Digital Filters - With Audio Applications
Section: Miscellaneous
Microsoft RPC Programming Guide
Digraphs Theory, Algorithms and Applications
Section: Microsoft Certifications
Windows 2K Active Directory Services
Windows 2K Accelerated
Windows 2K Professional
Windows 2K Server
Windows 2K Network Infrastructure Administration
Show all..
Section: Microsoft C Sharp (C#)
OOP with Microsoft Visual Basic .NET and Microsoft Visual C# .NET Step by Step
C# - Your Visual Blueprint for building .Net applications
C# .NET Web Developer's Guide
C# Web development
Mastering Windows 2000 Programming with Visual C++
Show all..
Section: Microsoft COM/DCOM/ActiveX/ATL
Programming Distributed Applications With COM And Microsoft Visual Basic 6.0
Section: Microsoft .(dot) net
Microsoft .net for programmers
Applied Microsoft .Net Framework Programming
Programming Microsoft.NET
Introducing Microsoft .NET Second Edition
.NET Mobile Web Developers Guide
Show all..
Section: Office Development
Programming Microsoft Visual Interdev 6
Programming Microsoft Office 2000 Web Components
Programming Microsoft Outlook and Microsoft Exchange
Microsoft Office 2000: VBA Fundamentals
Section: Microsoft Windows Servers
Inside Microsoft SQL server7
Microsoft Windows 2k Server Resource Kit TCP/IP Core Network Guide
Microsoft Proxy Server 2.0 Training
Microsoft Exchange 2000 Server Administrators Companion
Microsoft encyclopedia of Networking
Show all..
Section: Microsoft Visual Basic
Programming Microsoft Visual Basic 6
Practical Standards for Microsoft Visual Basic
Microsoft Visual Basic Design Patterns
Web Programming with Visual Basic
Web Database Developer's Guide with Visual Basic 5
Show all..
Section: Microsoft Visual C++
Learn Visual C++ Now: Teach Yourself Microsoft Visual C++ the Quick and Easy Way
Programming Windows with MFC
Building Internet Applications with Visual C++
Mastering Windows 2000 Programming with Visual C++
Section: Windows Development
Windows Server 2003 Weekend Crash Course
Windows 2000 Commands Guidebook
Windows XP Bible
Windows XP Registry Handbook
Inside Microsoft Windows 2000 Third edition
Show all..
Section: Networking
Cisco - Designing Network Security
Cisco Secure Internet Security Solutions
Designing a Wireless Network
TCP/IP Fundamentals for Microsoft Windows
Building Cisco Networks for Windows 2000
Show all..
Section: Other Engineering
Chemical Process Safety: Fundamentals with Applications
Section: GNU/Linux OS
The Linux Web Server CD Bookshelf
Writing GNOME Applications
Secure Programming for Linux and Unix
AIXwindows Programming Guide
Linux + Windows HOWTO
Show all..
Section: Embedded and RTOS
Tornado User's Guide (Windows Version)
Section: OS Theory
2K ( Component-Based Network-Centric Operating System for the Next Millennium )
Section: Unix OS
Nextstep Programming: Step One : Object-Oriented Applications/Book and Disk
Introduction to Unix for Web Developers
Section: Windows OS
Inside Windows 2000, Third Edition
Windows NT Workstation Configuration and Maintenance
Using Windows 98 Preview Edition
Using Windows NT Workstation 4.0
Windows 98 From A to Z
Show all..
Section: Physics
Neutrinos and Beyond: New Windows on Nature
Section: Assembly Language
Windows Assembly Language & Systems Programming: 16- And 32-Bit Low-Level Programming for the PC and Windows
Section: C Language
Writing Bug-Free C Code for Windows: A Programming Style That Automatically Detects Bugs in C Code
Section: COBOL Programming
VisualAge COBOL for Windows Programming Guide
Year 2000 in a Nutshell
Section: Other Programming
Special Edition Using Microsoft Visual Studio
Ada: A Developmental Approach (LAW: Learn Ada on the Web)
Developing Applications With Objective Caml
Computational Linguistics - Models, Resources, Applications
Section: Perl Scripting
Programming Perl 5.0 CGI Web Pages for Microsoft Windows NT
Perl for the Web
Section: Scripting
Section: Smalltalk
Squeak: Object-Oriented Design with Multimedia Applications
Section: Redbooks Draft
Building Composite Applications
WebSphere MQ V6 and Web Services
Patterns: Building Serial and Parallel Processes with WebSphere Process Server V6
System i Application Modernization: Building a New Interface to Your Legacy Applications
WebSphere RFID Handbook: A Solution Guide
Show all..
Section: Redbooks
Enabling SOA Using WebSphere Messaging
Architecting High Availability Using WebSphere V6 on z/OS
Microsoft BizTalk to WebSphere Business Intergration Server Express Migration
Aix and Windows Nt: Solutions for Interoperability
Developing and Porting C and C++ Applications on AIX
Show all..
Section: IBM Technotes
Requesting Access to IBM Director Agent on Windows
Section: Redpapers
Problem Avoidance for WebSphere Application Server for z/OS
WebSphere Portal Best Practices
Remodeling a Standard Store into the Extended Sites Model With WebSphere Commerce Business Edition V5.6.1
WebSphere Message Broker V6, Best Practices Guide: Bullet Proofing Message Flows
IBM System i Tools Innovation Program: Resource Guide for Modernization and Integration Tools for System i Applications
Show all..
Section: Redpapers Draft
Mastering DynaCache In WebSphere Commerce
IBM WebSphere Voice Server V5.1.1/V5.1.2 and Cisco Customer Voice Portal V3.1: An Interoperability Guide
N Series SnapManager with Microsoft Exchange
WebSphere Message Broker V6 Best Practices Guide: Bullet Proofing Message Flows
WebSphere Application Server V6.1: Technical Overview
Show all..
Section: Software Engineering
Attribute-Based Architectural Styles
Technical Concepts of Component-Based SE, 2nd Edition
Market Assessment of Component-Based SE Assessments
The Architecture Based Design Method
Supercomputers: Directions in Technology and Applications
Show all..
Section: Software Testing
Testing and Quality Assurance for Component-Based Software
Section: Web Programming
Web Reference Library (Web Developer's Library)
Developing Web Applications with Cold Fusion
Creating Applications with Mozilla
The Complete Idiot's Guide to Creating an HTML Web Page
SQL for Web Nerds
Show all..
Section: Web Technology
The Web Design CD Bookshelf
Creating Shockwave Web Pages
Introduction to Web Design
Web Style Guide: Basic Design Principles for Creating Web Sites
Teach Yourself WEB Publishing with HTML in 14 days
Show all..
Section: XML, XSL & UML
The XML Files: Using XML for B2B and B2C Applications
Developer's Guide to Building XML Based Web Services with J2EE
Introduction to XML for Web Developers
XML Web Services for ASP.NET
XForms: XML Powered Web Forms
Show all..
Similar Books from Amazon :
|
|
