• .NET assemblies contain a collection of types, grouped by namespaces.
• Multifile assemblies can be useful for remote code downloads as well as multi-language development.
• Strong names can prevent evil-doers from successfully tampering with deployed assemblies.
• Obfuscation is a technique which renders an assembly CIL code virtually unreadable.
• Publisher certificates can be embedded into an assembly to identify the assembly’s company of origin.
• Fxcop.exe will automatically check how your assembly stacks up against .NET best practices (security-
centric or otherwise).
• Hash code algorithms produce a ‘digital fingerprint’ for a particular message. The same input yields the
same hash code.
• Hash codes are useful in that they ensure the integrity of a given message.
• The .NET platform supplies several hash code algorithm types (MD5, SHA-1, etc) each of which differ
in terms of the size of the hash code and may differ by input block size and message size limit.
• Keyed hash algorithms provide a way to further ensure the integrity of a given message using a ‘secrete
key’.
• Multifile assemblies can be useful for remote code downloads as well as multi-language development.
• Strong names can prevent evil-doers from successfully tampering with deployed assemblies.
• Obfuscation is a technique which renders an assembly CIL code virtually unreadable.
• Publisher certificates can be embedded into an assembly to identify the assembly’s company of origin.
• Fxcop.exe will automatically check how your assembly stacks up against .NET best practices (security-
centric or otherwise).
• Hash code algorithms produce a ‘digital fingerprint’ for a particular message. The same input yields the
same hash code.
• Hash codes are useful in that they ensure the integrity of a given message.
• The .NET platform supplies several hash code algorithm types (MD5, SHA-1, etc) each of which differ
in terms of the size of the hash code and may differ by input block size and message size limit.
• Keyed hash algorithms provide a way to further ensure the integrity of a given message using a ‘secrete
key’.
.NET Security Summary
Table of Contents
Copyright (c) 2008. Intertech, Inc. All Rights Reserved. This information is to be used exclusively as an
online learning aid. Any attempts to copy, reproduce, or use for training is strictly prohibited.
online learning aid. Any attempts to copy, reproduce, or use for training is strictly prohibited.
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
Courseware
Training Resources
Tutorials