Bindings, Platforms, and Innovation
This presentation focuses on the Internet and separating myth from fact, history from the future, and the mundane from the imaginative. Bob Frankston presents a vision of what could and should be.
News
Improving Web Service Security: Guidance for WCF
Posted by Hartmut Wilms on Aug 08, 2008 09:53 AM
Microsoft patterns and practices group has released a WCF Security Guide. The 689 pages compendium offers a general introduction to Web Service security fundamentals as well as in-depth knowledge about several security threads and appropriate counter-measures.
“Improving Web Service Security: Scenarios and Implementation Guidance for WCF” offers security guidance in many ways. It is available in HTML and as a downloadable PDF.
The guide is divided into four parts accompanied by a set of references sections:
- Part I – Security Fundamentals for Web Services
The first chapter gives a good overview of the main aspects of service-oriented architectures (SOA). Security threats, vulnerabilities, and attacks are explained in the context of an SOA and Web Service Security standards, principles, patterns, and necessary development activities are introduced.
Chapters two and three cover Web Service Security threats and countermeasures and design guidelines for Web services. - Part II – WCF Security Fundamentals
This part introduces all features and options concerning WCF service security. Instead of merely presenting all options and providing sample code, this guide evaluates all options with respect to security issues and also tells you what options not to use or even to avoid completely. - Part III – Intranet Application Scenarios
The next two parts cover best practices for designing services and configuring web server, application server, and database server in a scenario-based fashion. Part III presents scenarios in the intranet scope. - Part IV – Internet Application Scenarios
Part IV presents scenarios in the internet scope.
All topics covered individually in part one to four relate to a single organizing frame. J.D. Meier, Principal Program Manager on the patterns & practices group, introduced the Web Service Security Frame on his blog:
The key to making principles, patterns, and practices more effective is to have an organizing frame. […] the power of the frame is that it's a durable, evolvable backdrop -- in other words, you can shape it to your own purposes.
The references sections consists of checklists, guidelines, best practices, Q&A, and step-by-step howtos.
The mix of thorough coverage of fundamental (web) service security aspects and reference sections, all in a scenario-based fashion is very appealing and simplifies understanding. The guide addresses the full range of developers and architects, from beginner to pro. Especially the Q&A and the howto sections are ideal for beginners who do not know their way around service security. The checklists, guidelines and best practices as well as part III and IV provide valuable information and reference for everyone.
RelatedVendorContent
5 Ways to Ensure Application Performance
Free $40 SOA Demystified Book Offer
Intel® SOA Expressway Performance Comparison to IBM® DataPower XI50
Related Sponsor
Red Gate Software makes ingeniously simple tools for over 500,000 SQL Server and .NET professionals.
Sponsored by
-
IBM WebSphere Application Server for Developers available at no charge NOW.
Posted
Previously
in Architects
-
GWC Webcast: Governance Of File Transfer Flow Of Business Data And Resultant Cost Savings
Posted
Previously
in Architects
-
WebSphere and Transaction & Messaging Technical Conference 2009
Posted
Previously
in Architects
-
Samisa Abeysinghe announced the imminent release of Carbon 2.0
Posted
Previously
in Business
-
Brian Loesgen invites you to Code Camp San Diego this weekend
Posted
Previously
in Business
-
Would you enroll in an India Forex Group i.e http://www.indiaforex.com Groups?
- www.forexfreedownload.com
-
0.0%
- www.indiaforex.com
-
100.0%
No comments
Watch Thread Reply