Categories

  • Auditing and logging
  • Authentication
  • Authorization
  • Cryptography
  • Deployment Considerations
  • Exception Management
  • Impersonation and Delegation
  • Input Validation
  • Message Security
  • Proxy
  • Sensitive Data
  • Session Management
  • Transport Security

Auditing and logging

Scenario Personas Priority
Configure service to enable authentication auditing Administrator, Developer
Configure service to enable authorization auditing Administrator, Developer
Configure service to enable transport level logging Administrator, Developer
Configure service to enable message level logging Administrator, Developer
Configure service to enable logging with filters Administrator, Developer
Configure service to enable tracing with different levels of information Administrator, Developer
Enable performance counters to monitor denial of service conditions Administrator, Developer
Configure service to enable WMI provider Administrator, Developer
View log and trace files for auditing purposes Administrator

Authentication

Scenario Personas Priority
Configure service with NTLM authentication Administrator, Developer
Configure service with basic authentication Administrator, Developer
Configure service with digest authentication Administrator, Developer
Configure service with windows authentication Administrator, Developer
Configure service with issue token authentication Administrator, Developer
Configure service with username/password authentication Administrator, Developer
Configure service with no credentials Administrator, Developer
Configure service with certificate authentication Administrator, Developer
Pass service certificate via secure session negotiation Administrator, Developer
Pass NTLM credentials via secure session negotiation Administrator, Developer
Implement custom credential validation Developer

Authorization

Scenario Personas Priority
Configure service to use a Windows provider to authorize users Administrator, Developer
Configure service to use an ASP.NET role provider Administrator, Developer
Configure service to use a custom authorization provider Administrator, Developer
Configure service to use custom security policies Administrator, Developer
Mark an operation contract with security demands attribute Developer
Perform authorization based on a programmatically verified claim Developer

Cryptography

Scenario Personas Priority
Implement custom binding with cryptographic algorithms for encrypting/signing messages Developer
Implement custom binding to sign message without encryption Developer
Implement custom binding to encrypt message without signing Developer

Deployment Considerations

Scenario Personas Priority
Host service in IIS for HTTP(s) communication Administrator, Developer
Host service in Windows Activation server (WAS) for TCP communication Administrator, Developer
Host service in Windows Activation server (WAS) for HTTP(s) communication Administrator, Developer
Self-host service in windows service for HTTP(s) communication Developer
Self-host service in windows service for TCP communication Developer
Host service with least privilege account Administrator, Developer
Host service in medium trust Administrator, Developer
Configure certificate in IIS to enable SSL in a virtual directory hosting service Administrator, Developer
Configure certificate to enable SSL in a self hosted service Administrator, Developer
Configure certificate on a client local store for message encryption and authentication Administrator, Developer
Configure partner public key certificates in local store for authorization Administrator, Developer
Configure IIS for authentication Administrator
Store encryption keys in a secure location Administrator, Developer
Encrypt all or part of a web configuration file Administrator, Developer
Map certificates with accounts in active directory Administrator, Developer
Configure Active Directory groups and accounts for role-based authorization checks Administrator, Developer
Configure Cardspace accounts Administrator, Developer
Configure Security Token Service (STS) Administrator, Developer
Configure MSMQ accounts and security Administrator, Developer

Exception Management

Scenario Personas Priority
Design fault contracts to allow services to declare known faults for each operation Developer
Design service with exceptions handling that will not divulge information to the client Developer
Enable debugging behavior to allow debug information to be propagated to the client Administrator, Developer
Clients handle exceptions in stateful services Developer
Design operations to catch exceptions and communicate failures to client Developer
Implement a global exception handler Developer

Impersonation and Delegation

Scenario Personas Priority
Configure service to run under security principal name to allow client to authenticate Administrator, Developer
Configure service to use certificate on the local store to allow client to authenticate Administrator, Developer
Configure service to allow impersonation of clients with windows credentials Administrator, Developer
Set operation contract attribute to allow impersonation when enabled via service behavior Developer
Flow identities in message from intermediary for authentication/delegation/auditing Developer
Configure impersonation to retrieve identities from security context Developer

Input Validation

Scenario Personas Priority
Validate messages with custom schema inspectors Developer
Validate messages with custom message inspectors Developer

Message Security

Scenario Personas Priority
Credentials are sent in message over https Administrator, Developer
Credentials are sent in message over http Administrator, Developer
Credentials are sent in message over TCP Administrator, Developer
Sensitive data is sent in message over https Administrator, Developer
Sensitive data is sent in message over http Administrator, Developer
Sensitive data is sent in message over TCP Administrator, Developer
Configure message security to support communication via intermediaries Administrator, Developer
Configure message security to support partial signing of a message Administrator, Developer
Configure message security to support partial encryption of a message Administrator, Developer

Proxy

Scenario Personas Priority
Proxy is generated from service metadata over HTTP(S) Developer
Client is configured to use certificate for authentication and message security. Developer
Proxy is generated from service metadata over TCP Developer
Proxy is generated from service metadata over MSMQ Developer
Service operations invocation administratively - Client authenticates with service providing credentials Developer
Service operations invocation administratively - Client calls service anonymously Developer
Service operations invocation programmatically - Client authenticates with service providing credentials Developer
Service operations invocation programmatically - Client calls service anonymously Developer
Client is invoked via client factory to improve performance Developer |

Sensitive Data

Scenario Personas Priority
Configure service for message encryption to protect message confidentiality and integrity with certificates Administrator, Developer
Configure service for message encryption to protect message confidentiality and integrity with Kerberos tickets Administrator, Developer
Design service to protect parts of the message with partial encryption Developer
Configure service to secure metadata in an endpoint to be consumed by service clients Administrator, Developer
Configure service to use transport security Administrator, Developer
Configure service to change the default message encryption algorithm Developer

Session Management

Scenario Personas Priority
Configure message throttling to avoid denial of service attacks Administrator, Developer
Design services per session mode Administrator, Developer
Configure memory limits to avoid denial of service attacks Administrator, Developer
Configure service for reliable messaging with reliable session and ordering of messages Administrator, Developer
Implement structured exception handling and state management to avoid state corruption Developer

Transport Security

Scenario Personas Priority
Credentials are sent in transport over https Administrator, Developer
Sensitive data is sent in transport over https Administrator, Developer
Configure transport security for end point communication with no intermediaries Administrator, Developer
Configure transport security for improved performance over message security Administrator,Developer

Last edited Jan 17, 2008 at 12:50 AM by prashantbansode, version 2

Comments

No comments yet.