Programming Windows Security (Paperback)
Keith Brown
- 出版商: Addison Wesley
- 出版日期: 2000-07-15
- 售價: $1,840
- 貴賓價: 9.5 折 $1,748
- 語言: 英文
- 頁數: 608
- 裝訂: Paperback
- ISBN: 0201604426
- ISBN-13: 9780201604429
-
相關分類:
資訊安全
已絕版
買這商品的人也買了...
-
$1,205TCP/IP Illustrated, Volume 1: The Protocols (Hardcover)
-
$980$774 -
$580$452 -
$580$458 -
$880$695 -
$2,210$2,100 -
$749Disappearing Cryptography, 2/e
-
$1,600$1,568 -
$750$638 -
$931Security in Computing, 3/e (平裝)
-
$590$466 -
$560$437 -
$2,340$2,223 -
$690$538 -
$420$332 -
$720$569 -
$860$731 -
$560$504 -
$2,340$2,223 -
$399CCNP Self-Study: Building Cisco Remote Access Networks (BCRAN), 2/e (Hardcover)
-
$2,340$2,223 -
$399CCNP Self-Study : Building Scalable Cisco Internetworks (BSCI), 2/e
-
$420$420 -
$860$774 -
$1,810$1,720
相關主題
商品描述
Description
This is one of only a few security books that target software developers. Most are directed at network administrators who want to configure their systems to avoid attacks. Yet Windows programmers have lots of tools at their disposal for securing their applications and most are completely unaware that these tools exist. The first part of the book identifies the crucial elements that a developer must master (e.g. cryptography, authentication, access control, credentials) in order to understand NT security. The second part of the book deals with application of these elements to various tools and programming techniques (COM(+), MTS, MSMQ, Active Directory).
Appropriate Courses
Windows Programming, Computer Security.
Table Of Contents
Preface.
I. MODEL 1.
1. The Players.
Authorities.
Machines as Principals.
Authentication.
Trust.
Summary.
2. The Environment.
Tokens.
The System Logon Session.
Window Stations.
Processes.
Summary.
3. Enforcement.
Discovering Authorization Attributes.
Distributed Applications.
Objects and Security Descriptors.
Access Control Strategies.
Choosing a Model.
Caching Mechanisms.
Summary.
II. MECHANICS.
4. Logon Sessions.
Daemon Logon Sessions.
Network Logon Sessions.
Interactive Logon Sessions.
Network Credentials.
Tokens.
Memory Allocation and Error Handling Strategies.
Using Privileges.
Impersonation.
Restricting Authorization Attributes.
Terminating a Logon Session.
Summary.
5. Window Stations and Profiles.
Window Station Permissions.
Natural Window Station Allocation.
Daemons in the Lab.
Other Window Stations.
Exploring Window Stations.
Closing Window Station Handles.
Window Stations and Access Control.
Desktops.
Jobs, Revisited.
Processes.
Summary.
6. Access Control and Accountability.
Anatomy of a Security Descriptor.
Where Do Security Descriptors Come From?
Security Descriptor Usage Patterns.
How ACLs Work.
Security Descriptors and Built-in Objects.
Security Descriptors and Private Objects.
Hierarchical Object Models and ACL Inheritance.
ACL Programming.
Handles.
Summary.
III. DISTRIBUTION.
7. Network Authentication.
The Kerberos v5 Authentication Protocol.
SSPI.
SPNEGO: Simple and Protected Negotiation.
Summary.
8. The File Server.
Lan Manager Sessions.
Clients and Sessions.
Use Records.
NULL Sessions.
Dealing with Conflict.
Drive Letter Mappings.
Named Pipes.
SMB Signing.
Summary.
9. COM(+).
The COM Security Model.
COM Interception.
Activation Requests.
More COM Interception: Access Control.
Plugging Obscure Security Holes.
Security in In-Process Servers?
Surrogates and Declarative Security.
COM Servers Packaged as Services.
Legacy Out-of-Process Servers.
Launching Servers via the COM SCM.
A Note on Choosing a Server Identity.
Access Checks in the Middle Tier.
The COM+ Security Model: Configured Components.
Catalog Settings.
Applications and Role-Based Security.
Making Sense of COM+ Access Checks.
Which Components Need Role Assignments?
Security in COM+ Library Applications.
Fine-Grained Access Control: IsCallerInRole.
Call Context Tracking.
Tips for Debugging COM Security Problems.
Summary.
10. IIS.
Public Key Cryptography.
Certificates.
Secure Sockets Layer.
Certificate Revocation.
From Theory to Practice: Obtaining and Installing a Web Server Certificate.
Requiring HTTPS via the IIS Metabase.
Managing Web Applications.
Client Authentication.
Server Applications.
IIS as a Gateway into COM+.
Miscellaneous Topics.
Where to Get More Information.
Summary.
Appendix: Some Parting Words.
Printing SIDs in Human Readable Form.
Adding Domain Principals in Windows 2000.
Adding Groups in Windows 2000.
Adding Local Accounts and Aliases.
Privileges and Logon Rights.
Secrets: The Windows Password Stash.
Glossary.
Bibliography.
Index. 0201604426T04062001
商品描述(中文翻譯)
這是少數針對軟體開發人員的安全書籍之一。大多數書籍都針對想要配置系統以避免攻擊的網路管理員。然而,Windows程式設計師有很多工具可以用來保護他們的應用程式,但大多數人完全不知道這些工具的存在。本書的第一部分確定了開發人員必須掌握的關鍵要素(例如加密、身份驗證、存取控制、憑證),以便了解NT安全性。本書的第二部分涉及將這些要素應用於各種工具和編程技術(COM(+), MTS, MSMQ, Active Directory)。適合的課程有Windows程式設計和電腦安全。目錄如下:
前言
第一部分:模型
1. 角色
2. 環境
3. 執行
第二部分:機制
4. 登入會話
5. 視窗工作站和配置文件
6. 存取控制和負責任
第三部分:分佈
7. 網路身份驗證
8. 檔案伺服器
以上是本書的摘要、適合的課程和目錄。