Last month (.NETDJ, Vol. 1, issue 12) we demonstrated a simple technique that allows you to avoid storing passwords in clear text, making your .NET applications more secure and safer should they somehow be compromised. In this article, we want to step back a bit and look at the big picture: application security from end to end.
When it comes to security, we developers are in charge. Security is not something that can be pushed off onto the network administrator; it is an integral aspect of an application's overall architecture. A well-built application should be inherently secure. A poorly constructed program may be impossible to secure. More important, you cannot graft security onto your application in any cost-effective way after it has been written. If you want your application to be secure, you have to address the issue up front, not as an afterthought.
The purpose of this article is to give you an overview of where security enters the picture and help you understand the points at which you as a developer will need to coordinate with your network administration staff to make it all work. In our experience, very few people are expert at both development and network administration - and security touches both of these areas. As you determine your application's architecture, its impact on your network and its infrastructure has to be included in your vision. Successful deployment may require the assistance of your network staff.
Beyond world-class application design, you can also install add-on technology to help with security. While a discussion of this is beyond what we can cover here, we would encourage you to in...