 See larger picture | Programming Windows Security (DevelopMentor Series)
by
Keith Brown
- Addison-Wesley ProfessionalList Price: $44.99
Price at Amazon.com: $37.72
(Save
16%)
 Availability: Usually ships in 24 hours
Shipping rates and policies |
- Average Customer Review:
Based on
23
reviews.
- Amazon.com Sales Rank: 219594
|
Product Description Windows 2000 and NT offer programmers powerful security tools that few developers use to the fullest -- and many are completely unaware of. In Programming Windows Security, a top Windows security expert shows exactly how to apply them in enterprise applications. Keith Brown starts with a complete roadmap to the Windows 2000 security architecture, describing every component and how they all fit together. He reviews the "actors" in a secure system, including principals, authorities, authentication, domains, and the local security authority; and the role of trust in secure Windows 2000 applications. Developers will understand the security implications of the broader Windows 2000 environment, including logon sessions, tokens, and window stations. Next, Brown introduces Windows 2000 authorization and access control, including groups, aliases, roles, privileges, security descriptors, DACLs and SACLs - showing how to choose the best access strategy for any application. In Part II, he walks developers through using each of Windows 2000's security tools, presenting techniques for building more secure setup programs, using privileges at runtime, working with window stations and user profiles, and using Windows 2000's dramatically changed ACLs. Finally, Brown provides techniques and sample code for network authentication, working with the file system redirector, using RPC security, and making the most of COM/COM+ security.
Featured Customer Reviews  World Class Security Reference,
January 20, 2007
The text is so chocked full of keen insights, I find something new everytime I re-read a chapter. If you're working on a project that requires understanding Windows Security (and what windows project doesn't), I strongly recommend you grab a copy of this book.
There is only a single criticism I can make about this book, and that's about the binding. The cover is poorly attached stiff paper. After reading it a few times (ok, maybe a few dozen times...), the cover came off, and needed to be reattach (twice). The book now looks like it has been through a battle. For a reference text of this importance, hard cover binding would have been more appropriate.An excellent guide to what shouldn't requite a guide in the first place,
July 04, 2006 This is an excellent and well-written book on a topic that - sadly - shouldn't require a guide to be understood. The complexity and obscurity of Windows security APIs makes it somewhat of a futile attempt. But that doesn't mean you shouldn't be one of the few elite programmers who do comprehend it. In other words, highly recommended.Deep and well written,
January 10, 2005 This book does an excellent job of explaining Windows security at both the architectural and code levels. It's well written, even to the point of being entertaining at some points. Which is a lot to say for a security book.
The book covers topics at a remarkable depth without feeling overwhelming. Though it's light on strict reference material (which is easily made up with the MSDN) it still has reference value because of the deep level at which subjects are covered. In particular, his coverage of network authentication is excellent. Which is fantastic because this is such a frustrating issue in practice.
Definitely worth a look for anyone who wants to understand Windows security APIs at a deep level.At last a serious look at Windows security,
July 18, 2002 Keith Brown's book is a refreshing change from the 'stick in something about security in a side-bar' approach taken by so many authors. Finally a book which explains lucidly what amounts to a very complex topic; and does so in an understandable and enjoyable fashion. If there were 6 stars on the rating scale then it would get a 6...best book on the topic,
November 21, 2001 I find this book amazing; it has the best of information i could find on this topic in one book.
The topic on IIS and COM+ helped me learn a lot and taught me some design flaws i had in designing few apps for IIS.
i would recommend every developer to have one in there shelf.
You might also be interested in these items...
|
|