You are previewing .NET Security and Cryptography.
O'Reilly logo
.NET Security and Cryptography

Book Description

Learn how to make your .NET applications secure!

Security and cryptography, while always an essential part of the computing industry, have seen their importance increase greatly in the last several years. Microsoft's .NET Framework provides developers with a powerful new set of tools to make their applications secure. NET Security and Cryptography is a practical and comprehensive guide to implementing both the security and the cryptography features found in the .NET platform. The authors provide numerous clear and focused examples in both C# and Visual Basic .NET, as well as detailed commentary on how the code works. They cover topics in a logical sequence and context, where they are most relevant and most easily understood. All of the sample code is available online at .

This book will allow developers to:

  • Develop a solid basis in the theory of cryptography, so they can understand how the security tools in the .NET Framework function

  • Learn to use symmetric algorithms, asymmetric algorithms, and digital signatures

  • Master both traditional encryption programming as well as the new techniques of XML encryption and XML signatures

  • Learn how these tools apply to ASP.NET and Web Services security

  • Table of Contents

    1. Copyright
    2. Integrated .NET Series from Object Innovations and Prentice Hall PTR
    3. Preface
    4. Acknowledgments
    5. The Integrated .NET Series from Object Innovations and Prentice Hall PTR
    6. .NET Cryptography and Security
      1. The Nature of This Book
      2. The Nature of Cryptography and Security
      3. Windows Security Comes of Age
      4. The .NET Framework and the CLR
      5. .NET Cryptography Programming
      6. .NET Security Programming
      7. Summary
    7. Fundamentals of Cryptography
      1. Security and Keeping Secrets
      2. Steganography
      3. Modern Ciphers
      4. Cryptanalytic Attacks
      5. Issues in Human Interaction and Trust
      6. Summary
    8. Symmetric Cryptography
      1. Symmetric Ciphers
      2. Programming with .NET Symmetric Cryptography
      3. Key Exchange Issues
      4. Summary
    9. Asymmetric Cryptography
      1. Problems with Symmetric Algorithms
      2. The Idea Behind Asymmetric Cryptography
      3. Existing Asymmetric Algorithms
      4. RSA: The Most Used Asymmetric Algorithm
      5. Caveat: Provability Issues
      6. Programming with .NET Asymmetric Cryptography
      7. Digital Certificates
      8. Summary
    10. Digital Signatures
      1. Hash Algorithms
      2. How Digital Signatures Work
      3. RSA Used as a Digital Signature Algorithm
      4. The Digital Signature Algorithm
      5. The Asymmetric AlgorithmHierarchy Class Hierarchy
      6. Summary
    11. XML Cryptography
      1. XML Encryption
      2. XML Signatures
      3. Combining XML Signing and XML Encryption
      4. Summary
    12. .NET User-Based Security
      1. Authentication and Authorization
      2. .NET Security Model
      3. Administrating Windows Security
      4. Administrating .NET Security
      5. Permissions
      6. User-Based Security
      7. Two Approaches to User-Based Security
      8. Credentials
      9. Security Discipline
      10. Summary
    13. .NET Code Access Security
      1. The Need for Code Access Security
      2. Security, Managed Code, and the CLR
      3. How CAS Is Used
      4. Managing Security Policy with Code Groups
      5. Imperative Versus Declarative CAS
      6. Evidence-Based Security
      7. Code Access Permissions
      8. Declarative Code Access Permissions
      9. Permission Requests
      10. Permission Sets
      11. Summary
    14. ASP.NET Security
      1. Fundamental Security Mechanisms
      2. Implementing ASP.NET Authentication
      3. ASP.NET Configuration
      4. Forms Authentication
      5. Forms Authentication Classes
      6. Passport Authentication
      7. Windows Authentication
      8. Implementing ASP.NET Authorization
      9. Implementing ASP.NET Impersonation
      10. Summary
    15. Web Services Security
      1. Basic Techniques in Securing Web Services
      2. Authenticate Web Service Using SOAPHEADER
      3. Summary
    16. A Security Attack Example: The Stack Overrun
    17. How the RSA Cipher Works
      1. Modular Arithmetic
      2. The BigRSA Example Program
      3. The CrackRSAWorkFactorDemo Example Program
    18. Using the GNU GMP Library
      1. Installing Cygwin
      2. Testing Your Cygwin Installation
      3. Installing GMP
      4. Uninstalling Cygwin
    19. Cryptography and Security Resources
      1. Background Knowledge and Conceptual Books
      2. Cryptographic Mathematics Books
      3. Implementing Security Guide Books
      4. Human Interest Books on Cryptography
      5. Cryptography News Groups
      6. Useful Cryptographic and Security Web Sites
    20. Exploring Web Services
      1. Motivation for Web Services
      2. Web Services Definition
      3. Backbones of Web Services
      4. Next Generation of Distributed Computing: Web Services
      5. Code Model for Web Services
      6. Developing a Simple Concatenate Web Service
      7. Protocols
      8. Accessing a Web Service
      9. Asynchronous Programming in Web Services
      10. Creating an ASP.NET Calculator Web Service
      11. Web Services Are Still Evolving
      12. Summary