Application-Level Security Versus System-Level Security
Another security concept to be aware of is the difference between system-level security and application-level security. System-level security is implemented by the operating system or other systems that you require to expose the Web Service (the .NET runtime infrastructure and Internet Information Server, for example). If you can use system-level security, by all means take advantage of it. Generally, the system-level security software has been fairly well debugged and tested, and although at times security breaches happen, system-level practices largely keep the casual hacker out.
Application-level security practices are those that you implement yourself. Clearly, this type of code isn't ...
Get Applied SOAP: Implementing .NET XML Web Services now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
