Programming Windows Security (Paperback)
Keith Brown
- 出版商: Addison-Wesley Professional
- 出版日期: 2000-07-15
- 售價: $1,600
- 貴賓價: 9.5 折 $1,520
- 語言: 英文
- 頁數: 608
- 裝訂: Paperback
- ISBN: 0201604426
- ISBN-13: 9780201604429
無法訂購
買這商品的人也買了...
-
![]()
LPI Linux 資格檢定 (LPI Linux Certification in a Nutshell)$880售價: $695 -
![]()
Perl 學習手冊 (Learning Perl, 3/e)$580售價: $458 -
![]()
售價: $699Disappearing Cryptography, 2/e -
![]()
重構─改善既有程式的設計$720售價: $569 -
![]()
鳥哥的 Linux 私房菜─基礎學習篇增訂版$560貴賓價: $442 -
![]()
全球最強 VMware vSphere 4 企業環境建構$860貴賓價: $679 -
![]()
STRUTS 實作手冊(Struts in Action: Building Web Applications with the Leading Java Framework)$690售價: $538 -
![]()
C++ Primer, 3/e 中文版$980售價: $774 -
![]()
貴賓價: $1,205TCP/IP Illustrated, Volume 1: The Protocols (Hardcover) -
![]()
Java Multithread Design Pattern-Java多執行緒與平行處理$560售價: $437 -
![]()
售價: $399CCNP Self-Study : Building Scalable Cisco Internetworks (BSCI), 2/e -
![]()
數位相機聖經 (Digital Photographer's Handbook)$860售價: $731 -
![]()
UML 使用手冊 (The Unified Modeling Language User Guide)$580售價: $452 -
![]()
售價: $199CCNP Self-Study: Building Cisco Remote Access Networks (BCRAN), 2/e (Hardcover) -
![]()
貴賓價: $1,984CCNA Self-Study: Interconnecting Cisco Network Devices (ICND) 640-811, 640-801, 2/e -
![]()
ASP.NET 程式設計徹底研究$590售價: $348 -
![]()
貴賓價: $1,984CCNP Self-Study : Building Cisco Multilayer Switched Networks (BCMSN), 2/e -
![]()
貴賓價: $1,982CCNP Practical Studies: Troubleshooting -
![]()
不同系統功能別資料庫設計 資料塑模入門講座$420售價: $420 -
![]()
程式設計專家手冊 (The Practice of Programming)$420售價: $332 -
![]()
Java 完美經典優質學習篇$750售價: $638 -
![]()
貴賓價: $1,742Anti-Hacker Tool Kit -
![]()
貴賓價: $1,568The CISSP Prep Guide: Gold Edition -
![]()
貴賓價: $1,720USB Complete: The Developer's Guide, 4/e (Paperback) -
![]()
貴賓價: $931Security in Computing, 3/e (平裝)
商品描述
Description
This is one of only a few security books that target software developers. Most are directed at network administrators who want to configure their systems to avoid attacks. Yet Windows programmers have lots of tools at their disposal for securing their applications and most are completely unaware that these tools exist. The first part of the book identifies the crucial elements that a developer must master (e.g. cryptography, authentication, access control, credentials) in order to understand NT security. The second part of the book deals with application of these elements to various tools and programming techniques (COM(+), MTS, MSMQ, Active Directory). 
Windows Programming, Computer Security.
Table Of Contents
Preface.I. MODEL 1.
1. The Players. Principals.
Authorities.
Machines as Principals.
Authentication.
Trust.
Summary.
Authorities.
Machines as Principals.
Authentication.
Trust.
Summary.
2. The Environment.
Logon Sessions.
Tokens.
The System Logon Session.
Window Stations.
Processes.
Summary.
Tokens.
The System Logon Session.
Window Stations.
Processes.
Summary.
3. Enforcement.
Authorization.
Discovering Authorization Attributes.
Distributed Applications.
Objects and Security Descriptors.
Access Control Strategies.
Choosing a Model.
Caching Mechanisms.
Summary.
Discovering Authorization Attributes.
Distributed Applications.
Objects and Security Descriptors.
Access Control Strategies.
Choosing a Model.
Caching Mechanisms.
Summary.
II. MECHANICS.
4. Logon Sessions.
Logon Session 999.
Daemon Logon Sessions.
Network Logon Sessions.
Interactive Logon Sessions.
Network Credentials.
Tokens.
Memory Allocation and Error Handling Strategies.
Using Privileges.
Impersonation.
Restricting Authorization Attributes.
Terminating a Logon Session.
Summary.
Daemon Logon Sessions.
Network Logon Sessions.
Interactive Logon Sessions.
Network Credentials.
Tokens.
Memory Allocation and Error Handling Strategies.
Using Privileges.
Impersonation.
Restricting Authorization Attributes.
Terminating a Logon Session.
Summary.
5. Window Stations and Profiles.
What Is a Window Station?
Window Station Permissions.
Natural Window Station Allocation.
Daemons in the Lab.
Other Window Stations.
Exploring Window Stations.
Closing Window Station Handles.
Window Stations and Access Control.
Desktops.
Jobs, Revisited.
Processes.
Summary.
Window Station Permissions.
Natural Window Station Allocation.
Daemons in the Lab.
Other Window Stations.
Exploring Window Stations.
Closing Window Station Handles.
Window Stations and Access Control.
Desktops.
Jobs, Revisited.
Processes.
Summary.
6. Access Control and Accountability.
Permissions.
Anatomy of a Security Descriptor.
Where Do Security Descriptors Come From?
Security Descriptor Usage Patterns.
How ACLs Work.
Security Descriptors and Built-in Objects.
Security Descriptors and Private Objects.
Hierarchical Object Models and ACL Inheritance.
ACL Programming.
Handles.
Summary.
Anatomy of a Security Descriptor.
Where Do Security Descriptors Come From?
Security Descriptor Usage Patterns.
How ACLs Work.
Security Descriptors and Built-in Objects.
Security Descriptors and Private Objects.
Hierarchical Object Models and ACL Inheritance.
ACL Programming.
Handles.
Summary.
III. DISTRIBUTION.
7. Network Authentication.
The NTLM Authentication Protocol.
The Kerberos v5 Authentication Protocol.
SSPI.
SPNEGO: Simple and Protected Negotiation.
Summary.
The Kerberos v5 Authentication Protocol.
SSPI.
SPNEGO: Simple and Protected Negotiation.
Summary.
8. The File Server.
Lan Manager.
Lan Manager Sessions.
Clients and Sessions.
Use Records.
NULL Sessions.
Dealing with Conflict.
Drive Letter Mappings.
Named Pipes.
SMB Signing.
Summary.
Lan Manager Sessions.
Clients and Sessions.
Use Records.
NULL Sessions.
Dealing with Conflict.
Drive Letter Mappings.
Named Pipes.
SMB Signing.
Summary.
9. COM(+).
The MSRPC Security Model.
The COM Security Model.
COM Interception.
Activation Requests.
More COM Interception: Access Control.
Plugging Obscure Security Holes.
Security in In-Process Servers?
Surrogates and Declarative Security.
COM Servers Packaged as Services.
Legacy Out-of-Process Servers.
Launching Servers via the COM SCM.
A Note on Choosing a Server Identity.
Access Checks in the Middle Tier.
The COM+ Security Model: Configured Components.
Catalog Settings.
Applications and Role-Based Security.
Making Sense of COM+ Access Checks.
Which Components Need Role Assignments?
Security in COM+ Library Applications.
Fine-Grained Access Control: IsCallerInRole.
Call Context Tracking.
Tips for Debugging COM Security Problems.
Summary.
The COM Security Model.
COM Interception.
Activation Requests.
More COM Interception: Access Control.
Plugging Obscure Security Holes.
Security in In-Process Servers?
Surrogates and Declarative Security.
COM Servers Packaged as Services.
Legacy Out-of-Process Servers.
Launching Servers via the COM SCM.
A Note on Choosing a Server Identity.
Access Checks in the Middle Tier.
The COM+ Security Model: Configured Components.
Catalog Settings.
Applications and Role-Based Security.
Making Sense of COM+ Access Checks.
Which Components Need Role Assignments?
Security in COM+ Library Applications.
Fine-Grained Access Control: IsCallerInRole.
Call Context Tracking.
Tips for Debugging COM Security Problems.
Summary.
10. IIS.
Authentication on the Web.
Public Key Cryptography.
Certificates.
Secure Sockets Layer.
Certificate Revocation.
From Theory to Practice: Obtaining and Installing a Web Server Certificate.
Requiring HTTPS via the IIS Metabase.
Managing Web Applications.
Client Authentication.
Server Applications.
IIS as a Gateway into COM+.
Miscellaneous Topics.
Where to Get More Information.
Summary.
Public Key Cryptography.
Certificates.
Secure Sockets Layer.
Certificate Revocation.
From Theory to Practice: Obtaining and Installing a Web Server Certificate.
Requiring HTTPS via the IIS Metabase.
Managing Web Applications.
Client Authentication.
Server Applications.
IIS as a Gateway into COM+.
Miscellaneous Topics.
Where to Get More Information.
Summary.
Appendix: Some Parting Words.
Well-Known SIDs.
Printing SIDs in Human Readable Form.
Adding Domain Principals in Windows 2000.
Adding Groups in Windows 2000.
Adding Local Accounts and Aliases.
Privileges and Logon Rights.
Secrets: The Windows Password Stash.
Printing SIDs in Human Readable Form.
Adding Domain Principals in Windows 2000.
Adding Groups in Windows 2000.
Adding Local Accounts and Aliases.
Privileges and Logon Rights.
Secrets: The Windows Password Stash.
Glossary.
Bibliography.
Index. 0201604426T04062001