
Programming Windows Security (DevelopMentor)

by Keith Brown

 

Synopses & Reviews

Publisher Comments:

"Keith Brown lucidly explains the Win32 security architecture and how it pervades Windows NT and Windows 2000. He demystifies authentication, authorization, auditing, COM+ security, logon sessions, and much more."

--George V. Reilly, IIS Performance Lead, Microsoft

Windows security has often been considered a dry and unapproachable topic. For years, the main examples of programming security were simply exercises in ACL manipulation. Programming Windows Security is a revelation, providing developers with insight into the way Windows security really works. This book shows developers the essentials of security in Windows 2000, including coverage of Kerberos, SSL, job objects, the new ACL model, COM+ and IIS 5.0. Also included are highlights of the differences between security in Windows 2000 and in Windows NT 4.0.

Programming Windows Security is written by an experienced developer specifically for use by other developers. It focuses on the issues of most concern to developers today: the design and implementation of secure distributed systems using the networking infrastructure provided by Windows, the file server, the web server, RPC servers, and COM(+) servers.

Topics covered include:

  • COM(+) security, from the ground up
  • IIS security
  • How the file system redirector works and why developers should care
  • The RPC security model
  • Kerberos, NTLM, and SSL authentication protocols and SSPI
  • Services and the Trusted Computing Base (TCB)
  • Logon sessions and tokens
  • Window stations, desktops, and user profiles
  • The Windows 2000 ACL model, including the new model of inheritance
  • Using private security descriptors to secure objects
  • Accounts, groups, aliases, privileges, and passwords
  • Comparison of three strategies for performing access control--impersonation, role-centric, and object-centric--and their impact on the design of a distributed application

Programming Windows Security provides the most comprehensive coverage of COM(+) security available in one place, culled from the author's extensive experience in diagnosing COM security problems in the lab and via correspondence on the DCOM mailing list.


Book News Annotation:

Provides professional software developers with information on how Windows security works, including coverage of Kerberos, SSL, job objects, the new ACL model, COM+, and IIS 5.0. Also addressed are the differences between security in Windows 2000 and Windows NT 4.0.
Annotation © Book News, Inc., Portland, OR (booknews.com)

About the Author

Keith Brown focuses on application security at Pluralsight, which he cofounded with several other .NET experts to foster a community, develop content, and provide premier training. Keith regularly speaks at conferences, including TechEd and WinDev, and serves as a contributing editor and columnist to MSDN Magazine.

Table of Contents

Preface.

I. MODEL.

1. The Players.

Principals.

Authorities.

Machines as Principals.

Authentication.

Trust.

Summary.

2. The Environment.

Logon Sessions.

Tokens.

The System Logon Session.

Window Stations.

Processes.

Summary.

3. Enforcement.

Authorization.

Discovering Authorization Attributes.

Distributed Applications.

Objects and Security Descriptors.

Access Control Strategies.

Choosing a Model.

Caching Mechanisms.

Summary.

II. MECHANICS.

4. Logon Sessions.

Logon Session 999.

Daemon Logon Sessions.

Network Logon Sessions.

Interactive Logon Sessions.

Network Credentials.

Tokens.

Memory Allocation and Error Handling Strategies.

Using Privileges.

Impersonation.

Restricting Authorization Attributes.

Terminating a Logon Session.

Summary.

5. Window Stations and Profiles.

What Is a Window Station?

Window Station Permissions.

Natural Window Station Allocation.

Daemons in the Lab.

Other Window Stations.

Exploring Window Stations.

Closing Window Station Handles.

Window Stations and Access Control.

Desktops.

Jobs, Revisited.

Processes.

Summary.

6. Access Control and Accountability.

Permissions.

Anatomy of a Security Descriptor.

Where Do Security Descriptors Come From?

Security Descriptor Usage Patterns.

How ACLs Work.

Security Descriptors and Built-in Objects.

Security Descriptors and Private Objects.

Hierarchical Object Models and ACL Inheritance.

ACL Programming.

Handles.

Summary.

III. DISTRIBUTION.

7. Network Authentication.

The NTLM Authentication Protocol.

The Kerberos v5 Authentication Protocol.

SSPI.

SPNEGO: Simple and Protected Negotiation.

Summary.

8. The File Server.

Lan Manager.

Lan Manager Sessions.

Clients and Sessions.

Use Records.

NULL Sessions.

Dealing with Conflict.

Drive Letter Mappings.

Named Pipes.

SMB Signing.

Summary.

9. COM(+).

The MSRPC Security Model.

The COM Security Model.

COM Interception.

Activation Requests.

More COM Interception: Access Control.

Plugging Obscure Security Holes.

Security in In-Process Servers?

Surrogates and Declarative Security.

COM Servers Packaged as Services.

Legacy Out-of-Process Servers.

Launching Servers via the COM SCM.

A Note on Choosing a Server Identity.

Access Checks in the Middle Tier.

The COM+ Security Model: Configured Components.

Catalog Settings.

Applications and Role-Based Security.

Making Sense of COM+ Access Checks.

Which Components Need Role Assignments?

Security in COM+ Library Applications.

Fine-Grained Access Control: IsCallerInRole.

Call Context Tracking.

Tips for Debugging COM Security Problems.

Summary.

10. IIS.

Authentication on the Web.

Public Key Cryptography.

Certificates.

Secure Sockets Layer.

Certificate Revocation.

From Theory to Practice: Obtaining and Installing a Web Server Certificate.

Requiring HTTPS via the IIS Metabase.

Managing Web Applications.

Client Authentication.

Server Applications.

IIS as a Gateway into COM+.

Miscellaneous Topics.

Where to Get More Information.

Summary.

Appendix: Some Parting Words.

Well-Known SIDs.

Printing SIDs in Human Readable Form.

Adding Domain Principals in Windows 2000.

Adding Groups in Windows 2000.

Adding Local Accounts and Aliases.

Privileges and Logon Rights.

Secrets: The Windows Password Stash.

Glossary.

Bibliography.

Index.

Product Details

ISBN: 9780201604429
Author: Brown, Keith
Publisher: Addison-Wesley Professional
Location: Boston
Subject: Operating Systems - Windows; Programming - Software Development; Computer security; Security; Computer programming; Microsoft Windows NT.; Microsoft Windows; Security - General; Operating Systems - NT; Software Development & Engineering - General; Software Engineering-General
Edition Description: Trade paper
Series: DevelopMentor series
Series Volume: 1268-00-RR
Publication Date: July 2000
Binding: TRADE PAPER
Grade Level: Professional and scholarly
Language: English
Illustrations: Yes
Pages: 608
Dimensions: 9.1 x 7.2 x 1.3 in 953 gr
