Partilhar via


Security Considerations

The topics in this section list various security-related items to consider when designing a Windows Communication Foundation (WCF) application.

In This Section

  • Information Disclosure
    Discusses the various ways that information can be disclosed or attacked, and how to mitigate this.
  • Elevation of Privilege
    Discusses the effects of giving an attacker authorization permissions beyond those initially granted and how to mitigate this.
  • Denial of Service
    Discusses what happens when a system is unable to process messages appropriately and how to mitigate it.
  • Tampering
    Discusses the altering of messages or the delivery of messages and how to mitigate it.
  • Replay Attacks
    Discusses what happens when an attacker copies a stream of messages between two parties and replays the stream to one or more of the parties, and how to mitigate this.
  • Unsupported Scenarios
    Lists various scenarios that do not support a particular aspect of security and should be avoided or considered.

Reference

System.IdentityModel.Tokens

System.IdentityModel.Claims

System.ServiceModel.Security

System.ServiceModel

Security Guidance and Best Practices

See Also

Other Resources

Windows Communication Foundation Security

Build Date: 2011-06-25