Programming Windows Security (Paperback)
Keith Brown
- 出版商: Addison Wesley
- 出版日期: 2000-07-15
- 售價: $1,620
- 貴賓價: 9.5 折 $1,539
- 語言: 英文
- 頁數: 608
- 裝訂: Paperback
- ISBN: 0201604426
- ISBN-13: 9780201604429
-
相關分類:
資訊安全
無法訂購
買這商品的人也買了...
-
$1,230$1,205 -
$980$833 -
$580$452 -
$580$458 -
$880$695 -
$2,030$1,929 -
$800Disappearing Cryptography, 2/e
-
$1,600$1,568 -
$750$638 -
$980$931 -
$590$466 -
$560$437 -
$2,030$1,929 -
$690$538 -
$420$357 -
$720$612 -
$860$731 -
$560$476 -
$2,030$1,929 -
$299CCNP Self-Study: Building Cisco Remote Access Networks (BCRAN), 2/e (Hardcover)
-
$2,030$1,929 -
$399CCNP Self-Study : Building Scalable Cisco Internetworks (BSCI), 2/e
-
$420$420 -
$860$731 -
$1,810$1,720
商品描述
Description
This is one of only a few security books that target software developers. Most are directed at network administrators who want to configure their systems to avoid attacks. Yet Windows programmers have lots of tools at their disposal for securing their applications and most are completely unaware that these tools exist. The first part of the book identifies the crucial elements that a developer must master (e.g. cryptography, authentication, access control, credentials) in order to understand NT security. The second part of the book deals with application of these elements to various tools and programming techniques (COM(+), MTS, MSMQ, Active Directory).
Windows Programming, Computer Security.
Table Of Contents
Preface.I. MODEL 1.
1. The Players.Authorities.
Machines as Principals.
Authentication.
Trust.
Summary.
2. The Environment.
Tokens.
The System Logon Session.
Window Stations.
Processes.
Summary.
3. Enforcement.
Discovering Authorization Attributes.
Distributed Applications.
Objects and Security Descriptors.
Access Control Strategies.
Choosing a Model.
Caching Mechanisms.
Summary.
II. MECHANICS.
4. Logon Sessions.
Daemon Logon Sessions.
Network Logon Sessions.
Interactive Logon Sessions.
Network Credentials.
Tokens.
Memory Allocation and Error Handling Strategies.
Using Privileges.
Impersonation.
Restricting Authorization Attributes.
Terminating a Logon Session.
Summary.
5. Window Stations and Profiles.
Window Station Permissions.
Natural Window Station Allocation.
Daemons in the Lab.
Other Window Stations.
Exploring Window Stations.
Closing Window Station Handles.
Window Stations and Access Control.
Desktops.
Jobs, Revisited.
Processes.
Summary.
6. Access Control and Accountability.
Anatomy of a Security Descriptor.
Where Do Security Descriptors Come From?
Security Descriptor Usage Patterns.
How ACLs Work.
Security Descriptors and Built-in Objects.
Security Descriptors and Private Objects.
Hierarchical Object Models and ACL Inheritance.
ACL Programming.
Handles.
Summary.
III. DISTRIBUTION.
7. Network Authentication.
The Kerberos v5 Authentication Protocol.
SSPI.
SPNEGO: Simple and Protected Negotiation.
Summary.
8. The File Server.
Lan Manager Sessions.
Clients and Sessions.
Use Records.
NULL Sessions.
Dealing with Conflict.
Drive Letter Mappings.
Named Pipes.
SMB Signing.
Summary.
9. COM(+).
The COM Security Model.
COM Interception.
Activation Requests.
More COM Interception: Access Control.
Plugging Obscure Security Holes.
Security in In-Process Servers?
Surrogates and Declarative Security.
COM Servers Packaged as Services.
Legacy Out-of-Process Servers.
Launching Servers via the COM SCM.
A Note on Choosing a Server Identity.
Access Checks in the Middle Tier.
The COM+ Security Model: Configured Components.
Catalog Settings.
Applications and Role-Based Security.
Making Sense of COM+ Access Checks.
Which Components Need Role Assignments?
Security in COM+ Library Applications.
Fine-Grained Access Control: IsCallerInRole.
Call Context Tracking.
Tips for Debugging COM Security Problems.
Summary.
10. IIS.
Public Key Cryptography.
Certificates.
Secure Sockets Layer.
Certificate Revocation.
From Theory to Practice: Obtaining and Installing a Web Server Certificate.
Requiring HTTPS via the IIS Metabase.
Managing Web Applications.
Client Authentication.
Server Applications.
IIS as a Gateway into COM+.
Miscellaneous Topics.
Where to Get More Information.
Summary.
Appendix: Some Parting Words.
Printing SIDs in Human Readable Form.
Adding Domain Principals in Windows 2000.
Adding Groups in Windows 2000.
Adding Local Accounts and Aliases.
Privileges and Logon Rights.
Secrets: The Windows Password Stash.
Glossary.
Bibliography.
Index. 0201604426T04062001
