Library

DonNTU Master's student Dmitry Sergeevich Morozov

Thesis topic: A system for modeling a production process flow scheme and organizing document management

Scientific advisor: Sergey Vasilyevich Teplinsky, Associate Professor of the Department of Computer Engineering, Candidate of Technical Sciences



Silverlight Security

Securing Your Silverlight Applications


Josh Twist, MSDN Magazine May 2010


In my role as a consultant with Microsoft Services, I have regular discussions with customers and partners about application security. In this article, I’ll explore some of the themes that arise in those discussions. In particular, I’ll focus on the new challenges programmers face when trying to secure Silverlight applications, and I’ll consider where development teams should focus their resources.

This article touches on many technical concepts that you’ll find covered in more detail elsewhere (including this magazine). For this reason, I won’t explore these topics in great technical depth. Instead, the goal of the article is to “connect the dots” and show how you can exploit these concepts to secure your applications.

When planning security for an application, it’s useful to think of three A’s: authentication, authorization and audit.

Authentication is the act of confirming that users are who they claim to be. We usually do this with a user name and password.

Authorization is the process of confirming that a user, once authenticated, actually has the appropriate permissions to perform a particular action or access a particular resource.

Audit is the act of maintaining a record of activity such that actions and requests made upon a system can’t be denied by the user.

I will focus on the first two, authentication and authorization, in the context of a Silverlight application. As this is a Rich Internet Application (RIA), the majority of concepts described in this article apply equally to Asynchronous JavaScript and XML (AJAX) or other RIA approaches. I’ll also discuss how you can prevent unwanted access to your Silverlight application files.


The full article can be found here: http://msdn.microsoft.com/en-us/magazine/ff646975.aspx