WHAT’S IN THIS CHAPTER?
WROX.COM CODE DOWNLOADS FOR THIS CHAPTER
Security has several key elements that you need to consider in order to make your applications secure. The primary one, of course, is the user of the application. Is the user actually the person authorized to access the application, or someone posing as the user? How can this user be trusted? As you will see in this chapter, ensuring the security of an application in regard of the user is a two-part process: First, users need to be authenticated, and then they need to be authorized to verify that they are allowed to use the requested resources.
What about data that is stored or sent across the network? Is it possible for someone to access this data, for example, by using a network sniffer? Encryption of data is important in this regard. Some technologies, such as Windows Communication Foundation (WCF) provide encryption capabilities by simple configuration, so you can see what’s done behind the scenes.
Yet another aspect ...