J.D. Meier's Blog - patterns & practices WCF 3.5 Security Guidelines Now Available
"For this week's release in our patterns & practices WCF Security Guidance project, we released our first version of our WCF 3.5 Security Guidelines. Each guideline is a nugget of what to do, why, and how. The goal of the guideline format is to take a lot of information, compress it down, and turn insight into action.
...
Here's a snapshot of the guidelines, but you can see our security guidelines explained at our WCF Security Guidance project site.
Categories
Our WCF Security guidelines are organized using the following buckets:
- Auditing and Logging
- Authentication
- Authorization
- Binding
- Configuration Management
- Exception Management
- Hosting
- Impersonation and Delegation
- Input/Data Validation
- Proxy Considerations
- Deployment considerations
..."
Wiki based guideline to help you keep secure when you use WCF.
I don't use WCF now, but I'm sure it's only a matter of time (I hope as I think WCF is pretty darn cool and I really want to use it... and there IS a project feature I have in mind where it's the right tool for the job... :)
No comments:
Post a Comment
NOTE: Anonymous Commenting has been turned off for a while... The comment spammers are just killing me...
ALL comments are moderated. I will review every comment before it will appear on the blog.
Your comment WILL NOT APPEAR UNTIL I approve it. This may take some hours...
I reserve, and will use, the right to not approve ANY comment for ANY reason. I will not usually, but if it's off topic, spam (or even close to spam-like), inflammatory, mean, etc, etc, well... then...
Please see my comment policy for more information if you are interested.
Thanks,
Greg
PS. I am proactively moderating comments. Your comment WILL NOT APPEAR UNTIL I approve it. This may take some hours...