O'Reilly logo

.NET Framework Security by Kevin T. Price, Rudi Martin, Matthew Lyons, Sebastian Lange, Brian A. LaMacchia

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Security and the Developer

What do we mean when we refer to “secure code?” In essence, the ultimate purpose of security is to allow “good” code to execute while denying access to “bad” code. Unfortunately, there are no algorithms that let us differentiate “good” code from “bad.” Suppose, for example, that a request is made to append data to a file. Is this an attempt to inject a virus, or is it merely new output being added to some log file?

No security system can judge the intent behind such an action; even humans sometimes have difficulty discerning the true purpose of a piece of code. Instead, the security system concentrates on evidence about the user or code that it knows is factual or can be validated: usernames validated by passwords, ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required