Programming Windows Security
Keith BrownBooks.org participates in affiliate programs including Bookshop.org and the Amazon Services LLC Associates Program. We may earn a commission from qualifying purchases made through links on this page, at no additional cost to you.
Overview
This is one of only a few security books that target software developers. Most are directed at network administrators who want to configure their systems to avoid attacks. Yet Windows programmers have lots of tools at their disposal for securing their applications and most are completely unaware that these tools exist. The first part of the book identifies the crucial elements that a developer must master (e.g. cryptography, authentication, access control, credentials) in order to understand NT security. The second part of the book deals with application of these elements to various tools and programming techniques (COM(+), MTS, MSMQ, Active Directory).Synopsis
This is one of only a few security books that target software developers. Most are directed at network administrators who want to configure their systems to avoid attacks. Yet Windows programmers have lots of tools at their disposal for securing their applications and most are completely unaware that these tools exist. The first part of the book identifies the crucial elements that a developer must master (e.g. cryptography, authentication, access control, credentials) in order to understand NT security. The second part of the book deals with application of these elements to various tools and programming techniques (COM(+), MTS, MSMQ, Active Directory).
Electronic Review of Computer Books - Davide Marcato
Arguably the most significant benefit brought by the transition from Windows 9x to Windows NT-based operating systems has been the addition of a solid security infrastructure. Paradoxically, though, only a minority of developers have taken the time to truly familiarize themselves with the security features of Windows NT 4.0/2000.
I reckon this is for several reasons, the more evident of which is cultural inertia: It is still pretty common among programmers to believe that for some reason security does not really concern them, as they are not working on "critical" portions of a project. After all, absence of security barriers has rarely prevented a system from functioning. Another reason is that in many a project security receives a treatment similar to installation procedures: It is retrofitted into the code base near the end of the development cycle, when deadline pressures and the imperative to preserve the precedent effort push the designated developers to quickly "get it to work", injecting trade-offs and pre-cooked solutions they do not thoroughly understand.
Other developers genuinely attempt to confront the discipline, but they are discouraged by the complexity and dispersion of the technical papers from Microsoft.
Quite frankly, the official documentation is fairly comprehensive, but tends to act more as a reference guide to the APIs and configuration options than an organic coverage of the topic. This raises the barriers to entry to the subject, as most readers first refer to the papers with little or no preventive knowledge and very little time to make up for it.
If you almost automatically pass NULL to any LPSECURITY_ATTRIBUTES parameter in your code and operate the DCOM security configuration utility like you would manipulate nitroglycerin, do not despair: you are in a very crowded company, but there is hope, thanks to Keith Brown's Programming Windows Security. Brown openly admits having been in your shoes and can therefore understand your unease with the seemingly arcane terminology of the security world. His status as an expert software developer and trainer who later specialized in security, as compared to many other authors in this niche who exhibit an academic background and expect their readers to be more comfortable with math than Visual Studio, immensely helps the average developer face the subject in pragmatic and not traumatic way.
The first three chapters of the book present the essentials of security in the Windows platform -- in other words the big picture that everyone on your project team should clearly visualize, managers and network administrators included. Window stations, ACEs and trusting authorities find their definition here. Don't expect to find any code in this first section however, as the focus is entirely on defining the concepts and providing basic knowledge on which to build throughout the book.
Part Two basically picks up all of the concepts illustrated before, one by one, and explores their inner workings, their implications and their implementation through the system API. The language of choice for the samples is C++, but the extensive explanations should allow users of other languages to understand the code and replicate it in their development tools of choice with ease. After all, this is mostly an educational book rather than a how-to text filled with listings to cut and paste.
Part Three tackles the most recent issues of modern software security, examining the issues and technologies to properly implement (and administrate) security plans in a networked scenario, be it a "simple" file server, an n-tier object-based architecture or an application server publicly available on the Web. If you are a COM/MTS/COM+ developer, I recommend you thoroughly study chapter 9, which distills in just less than one hundred pages the historical evolution, the theory and the practice of Microsoft-oriented distributed security from MSRPC parameters all the way up to COM+ security roles.
After finishing reading Programming Windows Security I was surprised by how a single book could guide a nearly security-illiterate reader to very solid and concrete command of the subject in a fairly digestible fashion. In short, if your daily realm of development is a Microsoft platform, the only thing that will help your security efforts more than reading this book is reading it twice.
Editorials
Davide Marcato
Arguably the most significant benefit brought by the transition from Windows 9x to Windows NT-based operating systems has been the addition of a solid security infrastructure. Paradoxically, though, only a minority of developers have taken the time to truly familiarize themselves with the security features of Windows NT 4.0/2000.I reckon this is for several reasons, the more evident of which is cultural inertia: It is still pretty common among programmers to believe that for some reason security does not really concern them, as they are not working on "critical" portions of a project. After all, absence of security barriers has rarely prevented a system from functioning. Another reason is that in many a project security receives a treatment similar to installation procedures: It is retrofitted into the code base near the end of the development cycle, when deadline pressures and the imperative to preserve the precedent effort push the designated developers to quickly "get it to work", injecting trade-offs and pre-cooked solutions they do not thoroughly understand.
Other developers genuinely attempt to confront the discipline, but they are discouraged by the complexity and dispersion of the technical papers from Microsoft.
Quite frankly, the official documentation is fairly comprehensive, but tends to act more as a reference guide to the APIs and configuration options than an organic coverage of the topic. This raises the barriers to entry to the subject, as most readers first refer to the papers with little or no preventive knowledge and very little time to make up for it.
If you almost automatically pass NULL to any LPSECURITY_ATTRIBUTES parameter in your code and operate the DCOM security configuration utility like you would manipulate nitroglycerin, do not despair: you are in a very crowded company, but there is hope, thanks to Keith Brown's Programming Windows Security. Brown openly admits having been in your shoes and can therefore understand your unease with the seemingly arcane terminology of the security world. His status as an expert software developer and trainer who later specialized in security, as compared to many other authors in this niche who exhibit an academic background and expect their readers to be more comfortable with math than Visual Studio, immensely helps the average developer face the subject in pragmatic and not traumatic way.
The first three chapters of the book present the essentials of security in the Windows platform -- in other words the big picture that everyone on your project team should clearly visualize, managers and network administrators included. Window stations, ACEs and trusting authorities find their definition here. Don't expect to find any code in this first section however, as the focus is entirely on defining the concepts and providing basic knowledge on which to build throughout the book.
Part Two basically picks up all of the concepts illustrated before, one by one, and explores their inner workings, their implications and their implementation through the system API. The language of choice for the samples is C++, but the extensive explanations should allow users of other languages to understand the code and replicate it in their development tools of choice with ease. After all, this is mostly an educational book rather than a how-to text filled with listings to cut and paste.
Part Three tackles the most recent issues of modern software security, examining the issues and technologies to properly implement (and administrate) security plans in a networked scenario, be it a "simple" file server, an n-tier object-based architecture or an application server publicly available on the Web. If you are a COM/MTS/COM+ developer, I recommend you thoroughly study chapter 9, which distills in just less than one hundred pages the historical evolution, the theory and the practice of Microsoft-oriented distributed security from MSRPC parameters all the way up to COM+ security roles.
After finishing reading Programming Windows Security I was surprised by how a single book could guide a nearly security-illiterate reader to very solid and concrete command of the subject in a fairly digestible fashion. In short, if your daily realm of development is a Microsoft platform, the only thing that will help your security efforts more than reading this book is reading it twice.
β Electronic Review of Computer Books