Programming Windows Security (Paperback)
Keith Brown
- 出版商: Addison Wesley
- 出版日期: 2000-07-15
- 售價: $1,620
- 貴賓價: 9.5 折 $1,539
- 語言: 英文
- 頁數: 608
- 裝訂: Paperback
- ISBN: 0201604426
- ISBN-13: 9780201604429
-
相關分類:
資訊安全
無法訂購
買這商品的人也買了...
-
TCP/IP Illustrated, Volume 1: The Protocols (Hardcover)$1,230$1,205 -
C++ Primer, 3/e 中文版$980$833 -
UML 使用手冊 (The Unified Modeling Language User Guide)$580$452 -
Perl 學習手冊 (Learning Perl, 3/e)$580$458 -
LPI Linux 資格檢定 (LPI Linux Certification in a Nutshell)$880$695 -
Anti-Hacker Tool Kit$2,030$1,929 -
$800Disappearing Cryptography, 2/e -
The CISSP Prep Guide: Gold Edition$1,600$1,568 -
Java 完美經典優質學習篇$750$638 -
Security in Computing, 3/e (平裝)$980$931 -
ASP.NET 程式設計徹底研究$590$466 -
Java Multithread Design Pattern-Java多執行緒與平行處理$560$437 -
CCNP Practical Studies: Troubleshooting$2,030$1,929 -
STRUTS 實作手冊(Struts in Action: Building Web Applications with the Leading Java Framework)$690$538 -
程式設計專家手冊 (The Practice of Programming)$420$357 -
重構─改善既有程式的設計$720$612 -
數位相機聖經 (Digital Photographer's Handbook)$860$731 -
鳥哥的 Linux 私房菜─基礎學習篇增訂版$560$476 -
CCNA Self-Study: Interconnecting Cisco Network Devices (ICND) 640-811, 640-801, 2/e$2,030$1,929 -
$299CCNP Self-Study: Building Cisco Remote Access Networks (BCRAN), 2/e (Hardcover) -
CCNP Self-Study : Building Cisco Multilayer Switched Networks (BCMSN), 2/e$2,030$1,929 -
$399CCNP Self-Study : Building Scalable Cisco Internetworks (BSCI), 2/e -
不同系統功能別資料庫設計 資料塑模入門講座$420$420 -
全球最強 VMware vSphere 4 企業環境建構$860$731 -
USB Complete: The Developer's Guide, 4/e (Paperback)$1,810$1,720
商品描述
Description
This is one of only a few security books that target software developers. Most are directed at network administrators who want to configure their systems to avoid attacks. Yet Windows programmers have lots of tools at their disposal for securing their applications and most are completely unaware that these tools exist. The first part of the book identifies the crucial elements that a developer must master (e.g. cryptography, authentication, access control, credentials) in order to understand NT security. The second part of the book deals with application of these elements to various tools and programming techniques (COM(+), MTS, MSMQ, Active Directory). 
Windows Programming, Computer Security.
Table Of Contents
Preface.I. MODEL 1.
1. The Players. Principals.
Authorities.
Machines as Principals.
Authentication.
Trust.
Summary.
Authorities.
Machines as Principals.
Authentication.
Trust.
Summary.
2. The Environment.
Logon Sessions.
Tokens.
The System Logon Session.
Window Stations.
Processes.
Summary.
Tokens.
The System Logon Session.
Window Stations.
Processes.
Summary.
3. Enforcement.
Authorization.
Discovering Authorization Attributes.
Distributed Applications.
Objects and Security Descriptors.
Access Control Strategies.
Choosing a Model.
Caching Mechanisms.
Summary.
Discovering Authorization Attributes.
Distributed Applications.
Objects and Security Descriptors.
Access Control Strategies.
Choosing a Model.
Caching Mechanisms.
Summary.
II. MECHANICS.
4. Logon Sessions.
Logon Session 999.
Daemon Logon Sessions.
Network Logon Sessions.
Interactive Logon Sessions.
Network Credentials.
Tokens.
Memory Allocation and Error Handling Strategies.
Using Privileges.
Impersonation.
Restricting Authorization Attributes.
Terminating a Logon Session.
Summary.
Daemon Logon Sessions.
Network Logon Sessions.
Interactive Logon Sessions.
Network Credentials.
Tokens.
Memory Allocation and Error Handling Strategies.
Using Privileges.
Impersonation.
Restricting Authorization Attributes.
Terminating a Logon Session.
Summary.
5. Window Stations and Profiles.
What Is a Window Station?
Window Station Permissions.
Natural Window Station Allocation.
Daemons in the Lab.
Other Window Stations.
Exploring Window Stations.
Closing Window Station Handles.
Window Stations and Access Control.
Desktops.
Jobs, Revisited.
Processes.
Summary.
Window Station Permissions.
Natural Window Station Allocation.
Daemons in the Lab.
Other Window Stations.
Exploring Window Stations.
Closing Window Station Handles.
Window Stations and Access Control.
Desktops.
Jobs, Revisited.
Processes.
Summary.
6. Access Control and Accountability.
Permissions.
Anatomy of a Security Descriptor.
Where Do Security Descriptors Come From?
Security Descriptor Usage Patterns.
How ACLs Work.
Security Descriptors and Built-in Objects.
Security Descriptors and Private Objects.
Hierarchical Object Models and ACL Inheritance.
ACL Programming.
Handles.
Summary.
Anatomy of a Security Descriptor.
Where Do Security Descriptors Come From?
Security Descriptor Usage Patterns.
How ACLs Work.
Security Descriptors and Built-in Objects.
Security Descriptors and Private Objects.
Hierarchical Object Models and ACL Inheritance.
ACL Programming.
Handles.
Summary.
III. DISTRIBUTION.
7. Network Authentication.
The NTLM Authentication Protocol.
The Kerberos v5 Authentication Protocol.
SSPI.
SPNEGO: Simple and Protected Negotiation.
Summary.
The Kerberos v5 Authentication Protocol.
SSPI.
SPNEGO: Simple and Protected Negotiation.
Summary.
8. The File Server.
Lan Manager.
Lan Manager Sessions.
Clients and Sessions.
Use Records.
NULL Sessions.
Dealing with Conflict.
Drive Letter Mappings.
Named Pipes.
SMB Signing.
Summary.
Lan Manager Sessions.
Clients and Sessions.
Use Records.
NULL Sessions.
Dealing with Conflict.
Drive Letter Mappings.
Named Pipes.
SMB Signing.
Summary.
9. COM(+).
The MSRPC Security Model.
The COM Security Model.
COM Interception.
Activation Requests.
More COM Interception: Access Control.
Plugging Obscure Security Holes.
Security in In-Process Servers?
Surrogates and Declarative Security.
COM Servers Packaged as Services.
Legacy Out-of-Process Servers.
Launching Servers via the COM SCM.
A Note on Choosing a Server Identity.
Access Checks in the Middle Tier.
The COM+ Security Model: Configured Components.
Catalog Settings.
Applications and Role-Based Security.
Making Sense of COM+ Access Checks.
Which Components Need Role Assignments?
Security in COM+ Library Applications.
Fine-Grained Access Control: IsCallerInRole.
Call Context Tracking.
Tips for Debugging COM Security Problems.
Summary.
The COM Security Model.
COM Interception.
Activation Requests.
More COM Interception: Access Control.
Plugging Obscure Security Holes.
Security in In-Process Servers?
Surrogates and Declarative Security.
COM Servers Packaged as Services.
Legacy Out-of-Process Servers.
Launching Servers via the COM SCM.
A Note on Choosing a Server Identity.
Access Checks in the Middle Tier.
The COM+ Security Model: Configured Components.
Catalog Settings.
Applications and Role-Based Security.
Making Sense of COM+ Access Checks.
Which Components Need Role Assignments?
Security in COM+ Library Applications.
Fine-Grained Access Control: IsCallerInRole.
Call Context Tracking.
Tips for Debugging COM Security Problems.
Summary.
10. IIS.
Authentication on the Web.
Public Key Cryptography.
Certificates.
Secure Sockets Layer.
Certificate Revocation.
From Theory to Practice: Obtaining and Installing a Web Server Certificate.
Requiring HTTPS via the IIS Metabase.
Managing Web Applications.
Client Authentication.
Server Applications.
IIS as a Gateway into COM+.
Miscellaneous Topics.
Where to Get More Information.
Summary.
Public Key Cryptography.
Certificates.
Secure Sockets Layer.
Certificate Revocation.
From Theory to Practice: Obtaining and Installing a Web Server Certificate.
Requiring HTTPS via the IIS Metabase.
Managing Web Applications.
Client Authentication.
Server Applications.
IIS as a Gateway into COM+.
Miscellaneous Topics.
Where to Get More Information.
Summary.
Appendix: Some Parting Words.
Well-Known SIDs.
Printing SIDs in Human Readable Form.
Adding Domain Principals in Windows 2000.
Adding Groups in Windows 2000.
Adding Local Accounts and Aliases.
Privileges and Logon Rights.
Secrets: The Windows Password Stash.
Printing SIDs in Human Readable Form.
Adding Domain Principals in Windows 2000.
Adding Groups in Windows 2000.
Adding Local Accounts and Aliases.
Privileges and Logon Rights.
Secrets: The Windows Password Stash.
Glossary.
Bibliography.
Index. 0201604426T04062001
