Chapter 1: Writing Secure Code

In This Chapter

check.png Designing for security

check.png Building secure Windows and web applications

check.png Digging into System.Security

Security is a big topic. Ignoring for a moment all the buzzwords surrounding security, I’m sure you realize that you need to protect your application from being used by people who shouldn’t use it. You also need to prevent your application from being used for things it shouldn’t be used for.

At the beginning of the electronic age, security was usually performed by obfuscation. If you had an application that you didn’t want people peeking at, you just hid it, and no one would know where to find it. Thus, it would be secure. (Remember War Games, the movie in which the military assumed that no one would find the phone number needed to connect to its mainframes — but Matthew Broderick’s character did?)

That obviously doesn’t cut it anymore; now you need to consider security as an integral requirement of every system that you write. Your application might not contain sensitive data, but can it be used to get to other information on the machine? Can it be used to gain access to a network that it shouldn’t? The answers to these questions matter. ...

Get C# 5.0 All-in-One For Dummies now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.