WCF 3.5 Security Guidelines

J.D. Meier, Jason Taylor, Prashant Bansode, Carlos Farre, Madhu Sundararajan, Steve Gregersen.

The following are guidelines for Web services created with Windows Communication Foundation (WCF) 3.5. They are based on principles where possible. The recommendations are also as contextual as possible, but abstracted for reuse. Use them as a starting point, but you will likely need to tailor for your scenario:

Design Considerations

Auditing and Logging

Authentication

Authorization

Binding

Configuration Management

Exception Management

Hosting

Impersonation and Delegation

Input/Data Validation

Proxy Considerations

Deployment considerations

Last edited Apr 23, 2008 at 10:58 PM by prashantbansode, version 6

Comments

No comments yet.