Tuesday, November 18, 2008
Friday, June 6, 2008
The wait is over!!, we have released BETA version of our WCF Security guide - patterns & practices Improving Web Services Security: Scenarios and Implementation Guidance for WCF.
The guide walks you through the security concepts of WCF with key guidance around those concepts. The chapters are ably supported by Guidelines, Checklists, Practices, Q&A and How Tos. It other words you can call it our Microsoft playbook for Windows Communication Foundation (WCF - "Indigo").
It shows you how to build secure WCF. It's a compilation of proven practices, product team recommendations and insights from the field.
Please Download the Guide and embark on the WCF journey securely!!
Thursday, April 10, 2008
Each application scenario includes a skeleton view of a deployment topology of particular scenario and a skeletal representation of possible or recommended solution, with analysis of the solution applied.
For me this are visual patterns of scenarios and solution, where you can quickly scan what scenario pattern fits your application (or closest fit) and what is the possible or recommended solution.
But let me be clear here, the recommended solution will not necessarily be 100% fit to your scenario - but treat it as baseline and customize it to your scenario appropriately.
As part of our patterns & practices WCF Security Guidance Project - Yesterday we released a set of Application Scenarios.
- Intranet – Web to Remote WCF Using Transport Security (Trusted Subsystem TCP)
- Intranet – Web to Remote WCF Using Transport Security (Trusted Subsystem, HTTP)
- Intranet – Web to Remote WCF Using Transport Security (Original Caller, TCP)
- Intranet – Windows Forms to Remote WCF Using Transport Security (TCP)
- Internet – Web to Remote WCF Using Transport Security (Trusted Subsystem)
- Internet – Windows Forms Client Calling WCF Using Message Security
Tuesday, April 1, 2008
Infact I was deep diving in WCF security space, and we have recently released some cool WCF guidance on codeplex as part of our patterns & practices WCF Security Guidance Project.
The goal of this project is to find the key combinations of security practices for WCF that work for customers and share them more broadly. At a high-level, you can think of the project in terms of these main buckets:
- Application Scenarios - These are whiteboard solutions for common end-to-end application scenarios.
- How Tos - These are step-by-step instructions for performing key end-to-end tasks.
- Building Codes - These are our sets of rules and practices. This includes Guidelines, Checklists, and Practices at a Glance.
- Reference - This includes Explained, Cheat Sheets, and Q&A guidance.