.NET Security Programming (Gearhead Press - In the Trenches) [Paperback]

Donis Marshall (Author)

Book Description

Publication Date: November 8, 2002 | ISBN-10: 0471222852 | ISBN-13: 978-0471222859 | Edition: 1

• Provides critical details and guidance from an experienced trainer.
• Includes tech reviews and guidance from key Microsoft developers.
• Authoritative and useful, covering security principles and security under Windows in a Web-based environment.
• Offers the first thorough exploration of security nameplates under the .NET framework.

 

Editorial Reviews

From the Back Cover

"This book...supplies you with the useful tools and also the pieces of the puzzle that would take a great deal of time to discover. Having a book such as this one makes the job a much easier one by revealing things to you which aren’t intuitive."
—Michael Dunner, Program Manager, Windows Security, Microsoft Corporation

Security issues in the Windows environment have recently attracted considerable publicity. Many companies, including Microsoft, have embarked upon ambitious initiatives to remove security flaws from their programs. Moving to a Web-based environment requires new ways of thinking about security as well as a complete understanding of the security underpinnings of .NET. This powerful Web platform is expected to lead the way to a world of devices interconnected by services. That means that a company utilizing .NET can dramatically improve the performance of its daily operations by enabling access to information anywhere and at any time.

But moving to this interconnected environment requires new and innovative ways to secure that information.

Written by a Microsoft internal trainer, and reviewed by Michael Dunner, a security expert at Microsoft Corporation, this book uncovers all of the techniques that you’ll need to know in order to create secure applications running under .NET. Marshall first explains the security underpinnings of .NET and then:

• Covers all of the key security principles
• Discusses security under Windows and in a Web-based environment
• Provides detailed information on Code Access Security and Role based security
• Demonstrates how .NET applications can use cryptography, an often misunderstood topic
• Presents the first clear explanation of creating and deploying custom security objects in .NET

The companion Web site includes the code examples from the book, in both VB.NET and C#.

About Gearhead Press

Responding to the ongoing needs of IT professionals for current and reliable information on the latest technologies, Wiley Technology Publishing introduces the Gearhead Press titles. These books, written by accomplished trainers in their respective fields, focus on real-world examples and case studies to give readers the best information on leading topics.

The Gearhead Press titles are characterized by two imprints: In the Trenches and Point to Point. Both imprints include fast-paced books written by fellow IT professionals who have been there and done that. In the Trenches books guide readers to proficiency, and serve as practical, hands-on references after the initial tasks are accomplished. The Point to Point titles invite readers to join an IT team at a model company and implement technologies in real-world environments–demonstrating actual problems and solutions.

About the Author

DONIS MARSHALL is a corporate trainer with more than two decades of experience as a developer. He is also President of Developer Security Corporation (www.developersecurity.com) and Code Listing Corporation (www.codelisting.com), and is the Founder of Gearhead Press. During the past two years, Marshall has conducted training at Microsoft Corporation, working with the engineers and developers in their Redmond, WA, campus and other global Microsoft locations.

Product Details

• Paperback: 496 pages
• Publisher: Wiley; 1 edition (November 8, 2002)
• Language: English
• ISBN-10: 0471222852
• ISBN-13: 978-0471222859
• Product Dimensions: 9.2 x 7.4 x 0.7 inches
• Shipping Weight: 1.1 pounds
• Average Customer Review: 4.0 out of 5 stars  See all reviews (2 customer reviews)
• Amazon Best Sellers Rank: #2,643,228 in Books (See Top 100 in Books)

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

2 of 2 people found the following review helpful:

3.0 out of 5 stars A lot of information, but a lack of cohesion, August 6, 2003

By 

Jesse Houwing (Utrecht, Netherlands) - See all my reviews

Amazon Verified Purchase

This review is from: .NET Security Programming (Gearhead Press - In the Trenches) (Paperback)

I bought this book to learn more about secure programming under .Net (especially c#). This book provides all the information you'll need.

It has information on:
* Code Access security
* Encryption
* Comparison and additional information on Windows native security
* Role based security

All of these subjects are covered in seperate chapters and there is only very few cohesion between these different chapters apart from the main subject. It would have been a better read if the examples used throughout the book would extend and supplement eachother to show how all of these techniques could be used together to create secure applications.

1 of 1 people found the following review helpful:

5.0 out of 5 stars Depth understanding beyond the basics, November 10, 2003

By 

Scott Stabbert (Woodinville, WA) - See all my reviews

This review is from: .NET Security Programming (Gearhead Press - In the Trenches) (Paperback)

If you're a serious .NET Developer, and you care about security, I think this is an excellent work.

There are a couple of books on .NET Security out there that provide good coverage of .NET Security, but pretty much cover the basic concepts from the on-line docs. I really appreciated this book exactly because it goes beyond the docs, providing a very balanced mix of breadth topics, with depth coverage. The author does a very nice job introducing, explaining, and demonstrating concepts. I also really liked this book because its not a behemoth. It is a very reasonable 300 pages, a length I can actually read through and digest.

Code samples are short and clear (what I refer to as sandboxed examples). They are not huge scenario based examples where you loose the point amongst all the helper code to make it look 'real'. Just show me how the concept works, and I'll write my own 'real' code, thank you very much.

I thought the topic coverage had the appropriate levels of breadth (.NET Security, ASP.NET framework security, Crypto), and depth.