Visual Basic .NET Code Security Handbook
$54.95 (includes GST)
Paperback package 270
20%Off Retail Price
OUT OF PRINT. But we may be able to find a copy for you! Please contact Bookware customer service for availability.
VB.NET Level: I/A
| Add to Shopping Cart
.NET provides a powerful framework in which to write secure code but unless you understand how attackers think and how the .NET security systems works your code will be vulnerable.
Writing secure .NET code requires three things: an understanding of the .NET code security system, attention to detail, and the ability to think from the point of view of an attacker. This book provides a practical guide to the .NET security framework, and also demonstrates best practices to follow and worst practices to avoid. There is no such thing as foolproof security but the techniques demonstrated in this book will go a long way towards making your code secure in the face of attackers.
As well as knowing how to write secure code, it is also important to be able to spot holes in your own and others code. This book provides many examples of common vulnerabilities (and how to mitigate them) to help you learn this important skill. Although this book primarily focuses on .NET code access security other aspects of security such as the Window role based security model, cryptography, and calling unmanaged code are covered where relevant.
What is great about this book?
When security vulnerabilities are discovered in your products or systems it is not only embarrassing but also potentially costly to you and or your customers. .NET offers the potential to reduce greatly the number and severity of security vulnerabilities but there are still many pitfalls; this book can help you avoid them.
About the Author
Eric Lippert works for Microsoft designing programming languages and development tools. He has been partly responsible for creating VBScript, JScript, Windows Script Host, and Windows Script Components. He was also involved in the design of JScript .NET and Visual Basic .NET and until recently he was part of the ECMAScript working group.
Eric has long been interested in computer security issues particularly with respect to the highly destructive script-related viruses that have appeared over the last few years. He realised in 2001 that even the excellent new security features in the .NET Framework would not solve these problems unless people used and understood them. Since then he has been somewhat obsessive about explaining to anyone who listen how the security system works and why it is important to them.