Categories

  • Auditing and logging
  • Authentication
  • Authorization
  • Cryptography
  • Deployment Considerations
  • Exception Management
  • Impersonation and Delegation
  • Input Validation
  • Message Security
  • Proxy
  • Sensitive Data
  • Session Management
  • Transport Security

Auditing and logging

| Scenario | Personas | Priority |
|---|---|---|
| Configure service to enable authentication auditing | Administrator, Developer | |
| Configure service to enable authorization auditing | Administrator, Developer | |
| Configure service to enable transport level logging | Administrator, Developer | |
| Configure service to enable message level logging | Administrator, Developer | |
| Configure service to enable logging with filters | Administrator, Developer | |
| Configure service to enable tracing with different levels of information | Administrator, Developer | |
| Enable performance counters to monitor denial of service conditions | Administrator, Developer | |
| Configure service to enable WMI provider | Administrator, Developer | |
| View log and trace files for auditing purposes | Administrator | |

Authentication

| Scenario | Personas | Priority |
|---|---|---|
| Configure service with NTLM authentication | Administrator, Developer | |
| Configure service with basic authentication | Administrator, Developer | |
| Configure service with digest authentication | Administrator, Developer | |
| Configure service with Windows authentication | Administrator, Developer | |
| Configure service with issue token authentication | Administrator, Developer | |
| Configure service with username/password authentication | Administrator, Developer | |
| Configure service with no credentials | Administrator, Developer | |
| Configure service with certificate authentication | Administrator, Developer | |
| Pass service certificate via secure session negotiation | Administrator, Developer | |
| Pass NTLM credentials via secure session negotiation | Administrator, Developer | |
| Implement custom credential validation | Developer | |

Authorization

| Scenario | Personas | Priority |
|---|---|---|
| Configure service to use a Windows provider to authorize users | Administrator, Developer | |
| Configure service to use an ASP.NET role provider | Administrator, Developer | |
| Configure service to use a custom authorization provider | Administrator, Developer | |
| Configure service to use custom security policies | Administrator, Developer | |
| Mark an operation contract with security demands attribute | Developer | |
| Perform authorization based on a programmatically verified claim | Developer | |

Cryptography

| Scenario | Personas | Priority |
|---|---|---|
| Implement custom binding with cryptographic algorithms for encrypting/signing messages | Developer | |
| Implement custom binding to sign message without encryption | Developer | |
| Implement custom binding to encrypt message without signing | Developer | |

Deployment Considerations

| Scenario | Personas | Priority |
|---|---|---|
| Host service in IIS for HTTP(s) communication | Administrator, Developer | |
| Host service in Windows Activation server (WAS) for TCP communication | Administrator, Developer | |
| Host service in Windows Activation server (WAS) for HTTP(s) communication | Administrator, Developer | |
| Self-host service in Windows service for HTTP(s) communication | Developer | |
| Self-host service in Windows service for TCP communication | Developer | |
| Host service with least privilege account | Administrator, Developer | |
| Host service in medium trust | Administrator, Developer | |
| Configure certificate in IIS to enable SSL in a virtual directory hosting service | Administrator, Developer | |
| Configure certificate to enable SSL in a self-hosted service | Administrator, Developer | |
| Configure certificate on a client local store for message encryption and authentication | Administrator, Developer | |
| Configure partner public key certificates in local store for authorization | Administrator, Developer | |
| Configure IIS for authentication | Administrator | |
| Store encryption keys in a secure location | Administrator, Developer | |
| Encrypt all or part of a web configuration file | Administrator, Developer | |
| Map certificates with accounts in Active Directory | Administrator, Developer | |
| Configure Active Directory groups and accounts for role-based authorization checks | Administrator, Developer | |
| Configure CardSpace accounts | Administrator, Developer | |
| Configure Security Token Service (STS) | Administrator, Developer | |
| Configure MSMQ accounts and security | Administrator, Developer | |

Exception Management

| Scenario | Personas | Priority |
|---|---|---|
| Design fault contracts to allow services to declare known faults for each operation | Developer | |
| Design service with exception handling that will not divulge information to the client | Developer | |
| Enable debugging behavior to allow debug information to be propagated to the client | Administrator, Developer | |
| Clients handle exceptions in stateful services | Developer | |
| Design operations to catch exceptions and communicate failures to client | Developer | |
| Implement a global exception handler | Developer | |

Impersonation and Delegation

| Scenario | Personas | Priority |
|---|---|---|
| Configure service to run under security principal name to allow client to authenticate | Administrator, Developer | |
| Configure service to use certificate on the local store to allow client to authenticate | Administrator, Developer | |
| Configure service to allow impersonation of clients with Windows credentials | Administrator, Developer | |
| Set operation contract attribute to allow impersonation when enabled via service behavior | Developer | |
| Flow identities in message from intermediary for authentication/delegation/auditing | Developer | |
| Configure impersonation to retrieve identities from security context | Developer | |

Input Validation

| Scenario | Personas | Priority |
|---|---|---|
| Validate messages with custom schema inspectors | Developer | |
| Validate messages with custom message inspectors | Developer | |

Message Security

| Scenario | Personas | Priority |
|---|---|---|
| Credentials are sent in message over HTTPS | Administrator, Developer | |
| Credentials are sent in message over HTTP | Administrator, Developer | |
| Credentials are sent in message over TCP | Administrator, Developer | |
| Sensitive data is sent in message over HTTPS | Administrator, Developer | |
| Sensitive data is sent in message over HTTP | Administrator, Developer | |
| Sensitive data is sent in message over TCP | Administrator, Developer | |
| Configure message security to support communication via intermediaries | Administrator, Developer | |
| Configure message security to support partial signing of a message | Administrator, Developer | |
| Configure message security to support partial encryption of a message | Administrator, Developer | |

Proxy

| Scenario | Personas | Priority |
|---|---|---|
| Proxy is generated from service metadata over HTTP(S) | Developer | |
| Client is configured to use certificate for authentication and message security | Developer | |
| Proxy is generated from service metadata over TCP | Developer | |
| Proxy is generated from service metadata over MSMQ | Developer | |
| Service operations invocation administratively - Client authenticates with service providing credentials | Developer | |
| Service operations invocation administratively - Client calls service anonymously | Developer | |
| Service operations invocation programmatically - Client authenticates with service providing credentials | Developer | |
| Service operations invocation programmatically - Client calls service anonymously | Developer | |
| Client is invoked via client factory to improve performance | Developer | |

Sensitive Data

| Scenario | Personas | Priority |
|---|---|---|
| Configure service for message encryption to protect message confidentiality and integrity with certificates | Administrator, Developer | |
| Configure service for message encryption to protect message confidentiality and integrity with Kerberos tickets | Administrator, Developer | |
| Design service to protect parts of the message with partial encryption | Developer | |
| Configure service to secure metadata in an endpoint to be consumed by service clients | Administrator, Developer | |
| Configure service to use transport security | Administrator, Developer | |
| Configure service to change the default message encryption algorithm | Developer | |

Session Management

| Scenario | Personas | Priority |
|---|---|---|
| Configure message throttling to avoid denial of service attacks | Administrator, Developer | |
| Design services per session mode | Administrator, Developer | |
| Configure memory limits to avoid denial of service attacks | Administrator, Developer | |
| Configure service for reliable messaging with reliable session and ordering of messages | Administrator, Developer | |
| Implement structured exception handling and state management to avoid state corruption | Developer | |

Transport Security

| Scenario | Personas | Priority |
|---|---|---|
| Credentials are sent in transport over HTTPS | Administrator, Developer | |
| Sensitive data is sent in transport over HTTPS | Administrator, Developer | |
| Configure transport security for endpoint communication with no intermediaries | Administrator, Developer | |
| Configure transport security for improved performance over message security | Administrator, Developer | |

Last edited Jan 17, 2008 at 12:50 AM by prashantbansode, version 2
