Web Services Security

<NameIdentifier>, 108

.NET (Microsoft). See also .NET servers; Passport (Microsoft)

assembly configurations, viewing (with MMC snap-in), 195–196

assembly security permissions, assigning, 198

code access security in, 195

code execution, host control of, 194

evidence-based security in, 195

framework of, 194–196

input validation attacks, 195

managed vs. unmanaged code, 194–195

permission set, creating (with MMC menu), 196, 197

role-based security in, 195

security and Visual Basic catch statements, 198

security sources in, 195

SQL injection attacks, 56, 196–198

.NET servers. See also .NET (Microsoft)

checklist for, 200–201

DoS attacking protocols against, 199–200

DoS attacks, protecting against, 200–201

ISAPI filters, removing, 200

Microsoft IIS servers, security advisories for, 199

“nonce” (number once), 268

nonrepudiation, 29. See also encryption

and KeyInfo Element of XML Signature, 76