About the Book
Learn how to use Windows 2000 security features to protect your Web applications and data.
Windows® 2000 provides a host of innovative services to satisfy the most demanding security needs. DESIGNING SECURE WEB-BASED APPLICATIONS FOR MICROSOFT® WINDOWS 2000 provides an authoritative, end-to-end view of all the major Windows 2000 security services. This book gives you a solid foundation in Microsoft Windows 2000, Internet Explorer, Internet Information Services, SQL Server™, and COM+ security concepts. It explains the key software design considerations for various categories and levels of security and shows how isolated security “islands” interact. It also explains core security issues such as risk analysis, threats, authentication, authorization, and privacy, and it shows how you can mitigate risks by applying the appropriate security to your environment and applications. The author uses Web services, certificates, components, and database access to build a complex Web-based security solution (included on CD-ROM) to show how Windows 2000 security features work in tandem to protect applications and data. Packed with the latest Web security insights, this book covers topics such as:
• The philosophy and architecture of security systems—the importance of security to your assets; why security is so hard to implement and maintain; common examples of security threats and countermeasures; and a detailed process for building secure Web applications using a real-world Web security scenario
• Technologies, options, and trade-offs—an overview of security services in Microsoft Windows 2000, SQL Server, Internet Explorer, Internet Information Services, and COM+; and practical trade-offs in developing systems to counter security threats
• Practical security system development—how to build, test, and troubleshoot a security solution for a Web application
• Reference details—security administration with Active Directory™ Service Interfaces (ADSI), Windows Management Instrumentation (WMI), and COM+; and Kerberos authentication, cryptography, and certificates in Windows 2000
An electronic version of this book is available on the companion CD.
Microsoft® Windows® Server 2003 Administrator's Companion
Microsoft® Windows® Server 2003 Administrator's Pocket Consultant
MCSA/MCSE Self-Paced Training Kit (Exam 70-214): Implementing and Administering Security in a Microsoft Windows 2000 Network
Number of Ratings: 7