Programming Windows Security: The Developers Guide (DevelopMentor)

--George V. Reilly, IIS Performance Lead, Microsoft Windows security has often been considered a dry and unapproachable topic. For years, the main examples of programming security were simply exercises in ACL manipulation. Programming Windows Security is a revelation providing developers with insight into the way Windows security really works. This book shows developers the essentials of security in Windows 2000, including coverage of Kerberos, SSL, job objects, the new ACL model, COM+ and IIS 5.0. Also included are highlights of the differences between security in Windows 2000 and in Windows NT 4.0. Programming Windows Security is written by an experienced developer specifically for use by other developers. It focuses on the issues of most concern to developers today: the design and implementation of secure distributed systems using the networking infrastructure provided by Windows, the file server, the web server, RPC servers, and COM(+) servers. Topics covered include: *COM(+) security, from the ground up *IIS security *How the file system redirector works and why developers should care *The RPC security model *Kerberos, NTLM, and SSL authentication protocols and SSPI *Services