patterns & practices: WCF Security Guidance

Auditing and logging

Scenario	Personas	Priority
Configure service to enable authentication auditing	Administrator, Developer
Configure service to enable authorization auditing	Administrator, Developer
Configure service to enable transport level logging	Administrator, Developer
Configure service to enable message level logging	Administrator, Developer
Configure service to enable logging with filters	Administrator, Developer
Configure service to enable tracing with different levels of information	Administrator, Developer
Enable performance counters to monitor denial of service conditions	Administrator, Developer
Configure service to enable WMI provider	Administrator, Developer
View log and trace files for auditing purposes	Administrator

Authentication

Scenario	Personas	Priority
Configure service with NTLM authentication	Administrator, Developer
Configure service with basic authentication	Administrator, Developer
Configure service with digest authentication	Administrator, Developer
Configure service with windows authentication	Administrator, Developer
Configure service with issue token authentication	Administrator, Developer
Configure service with username/password authentication	Administrator, Developer
Configure service with no credentials	Administrator, Developer
Configure service with certificate authentication	Administrator, Developer
Pass service certificate via secure session negotiation	Administrator, Developer
Pass NTLM credentials via secure session negotiation	Administrator, Developer
Implement custom credential validation	Developer

Authorization

Scenario	Personas	Priority
Configure service to use a Windows provider to authorize users	Administrator, Developer
Configure service to use an ASP.NET role provider	Administrator, Developer
Configure service to use a custom authorization provider	Administrator, Developer
Configure service to use custom security policies	Administrator, Developer
Mark an operation contract with security demands attribute	Developer
Perform authorization based on a programmatically verified claim	Developer

Cryptography

Scenario	Personas	Priority
Implement custom binding with cryptographic algorithms for encrypting/signing messages	Developer
Implement custom binding to sign message without encryption	Developer
Implement custom binding to encrypt message without signing	Developer

Deployment Considerations

Scenario	Personas	Priority
Host service in IIS for HTTP(s) communication	Administrator, Developer
Host service in Windows Activation server (WAS) for TCP communication	Administrator, Developer
Host service in Windows Activation server (WAS) for HTTP(s) communication	Administrator, Developer
Self-host service in windows service for HTTP(s) communication	Developer
Self-host service in windows service for TCP communication	Developer
Host service with least privilege account	Administrator, Developer
Host service in medium trust	Administrator, Developer
Configure certificate in IIS to enable SSL in a virtual directory hosting service	Administrator, Developer
Configure certificate to enable SSL in a self hosted service	Administrator, Developer
Configure certificate on a client local store for message encryption and authentication	Administrator, Developer
Configure partner public key certificates in local store for authorization	Administrator, Developer
Configure IIS for authentication	Administrator
Store encryption keys in a secure location	Administrator, Developer
Encrypt all or part of a web configuration file	Administrator, Developer
Map certificates with accounts in active directory	Administrator, Developer
Configure Active Directory groups and accounts for role-based authorization checks	Administrator, Developer
Configure Cardspace accounts	Administrator, Developer
Configure Security Token Service (STS)	Administrator, Developer
Configure MSMQ accounts and security	Administrator, Developer

Exception Management

Scenario	Personas	Priority
Design fault contracts to allow services to declare known faults for each operation	Developer
Design service with exceptions handling that will not divulge information to the client	Developer
Enable debugging behavior to allow debug information to be propagated to the client	Administrator, Developer
Clients handle exceptions in stateful services	Developer
Design operations to catch exceptions and communicate failures to client	Developer
Implement a global exception handler	Developer

Impersonation and Delegation

Scenario	Personas	Priority
Configure service to run under security principal name to allow client to authenticate	Administrator, Developer
Configure service to use certificate on the local store to allow client to authenticate	Administrator, Developer
Configure service to allow impersonation of clients with windows credentials	Administrator, Developer
Set operation contract attribute to allow impersonation when enabled via service behavior	Developer
Flow identities in message from intermediary for authentication/delegation/auditing	Developer
Configure impersonation to retrieve identities from security context	Developer

Input Validation

Scenario	Personas	Priority
Validate messages with custom schema inspectors	Developer
Validate messages with custom message inspectors	Developer

Message Security

Scenario	Personas	Priority
Credentials are sent in message over https	Administrator, Developer
Credentials are sent in message over http	Administrator, Developer
Credentials are sent in message over TCP	Administrator, Developer
Sensitive data is sent in message over https	Administrator, Developer
Sensitive data is sent in message over http	Administrator, Developer
Sensitive data is sent in message over TCP	Administrator, Developer
Configure message security to support communication via intermediaries	Administrator, Developer
Configure message security to support partial signing of a message	Administrator, Developer
Configure message security to support partial encryption of a message	Administrator, Developer

Proxy

Scenario	Personas	Priority
Proxy is generated from service metadata over HTTP(S)	Developer
Client is configured to use certificate for authentication and message security.	Developer
Proxy is generated from service metadata over TCP	Developer
Proxy is generated from service metadata over MSMQ	Developer
Service operations invocation administratively - Client authenticates with service providing credentials	Developer
Service operations invocation administratively - Client calls service anonymously	Developer
Service operations invocation programmatically - Client authenticates with service providing credentials	Developer
Service operations invocation programmatically - Client calls service anonymously	Developer
Client is invoked via client factory to improve performance	Developer \|

Sensitive Data

Scenario	Personas	Priority
Configure service for message encryption to protect message confidentiality and integrity with certificates	Administrator, Developer
Configure service for message encryption to protect message confidentiality and integrity with Kerberos tickets	Administrator, Developer
Design service to protect parts of the message with partial encryption	Developer
Configure service to secure metadata in an endpoint to be consumed by service clients	Administrator, Developer
Configure service to use transport security	Administrator, Developer
Configure service to change the default message encryption algorithm	Developer

Session Management

Scenario	Personas	Priority
Configure message throttling to avoid denial of service attacks	Administrator, Developer
Design services per session mode	Administrator, Developer
Configure memory limits to avoid denial of service attacks	Administrator, Developer
Configure service for reliable messaging with reliable session and ordering of messages	Administrator, Developer
Implement structured exception handling and state management to avoid state corruption	Developer

Transport Security

Scenario	Personas	Priority
Credentials are sent in transport over https	Administrator, Developer
Sensitive data is sent in transport over https	Administrator, Developer
Configure transport security for end point communication with no intermediaries	Administrator, Developer
Configure transport security for improved performance over message security	Administrator,Developer

Last edited Jan 17, 2008 at 12:50 AM by prashantbansode, version 2

Comments

No comments yet.

download

current	Hello World
date	Thu Jan 17, 2008 at 7:00 AM
status
downloads	26,808
rating	6 ratings

recent reviews

Truly not enough in depth information about best practices of WCF Security. Had to go elsewhere for WCF Security information.

There is no coverage here of Windows Identity Framework. http://msdn.microsoft.com/en-us/library/ff359113.aspx and http://technet.mi... (more)

View all reviews

activity

page views	visits	downloads
1956	1147	151

Days:
7 7
30 30
All All
Details

Updating...

patterns & practices: WCF Security Guidance

Categories

Auditing and logging

Authentication

Authorization

Cryptography

Deployment Considerations

Exception Management

Impersonation and Delegation

Input Validation

Message Security

Proxy

Sensitive Data

Session Management

Transport Security

Comments

recent reviews

activity

Updating...

patterns & practices: WCF Security Guidance

Are you Sure? X

Categories

Auditing and logging

Authentication

Authorization

Cryptography

Deployment Considerations

Exception Management

Impersonation and Delegation

Input Validation

Message Security

Proxy

Sensitive Data

Session Management

Transport Security

Comments

Opera does not support ClickOnce X

recent reviews

activity