แก้ไข

แชร์ผ่าน


Security Considerations in WCF

The topics in this section list various security-related items to consider when designing a Windows Communication Foundation (WCF) application.

In This Section

Information Disclosure
Discusses the various ways that information can be disclosed or attacked, and how to mitigate this.

Elevation of Privilege
Discusses the effects of giving an attacker authorization permissions beyond those initially granted and how to mitigate this.

Denial of Service
Discusses what happens when a system is unable to process messages appropriately and how to mitigate it.

Tampering
Discusses the altering of messages or the delivery of messages and how to mitigate it.

Replay Attacks
Discusses what happens when an attacker copies a stream of messages between two parties and replays the stream to one or more of the parties, and how to mitigate this.

Security Considerations for Secure Sessions
Discusses the following items that affect security when implementing secure sessions.

Unsupported Scenarios
Lists various scenarios that do not support a particular aspect of security and should be avoided or considered.

Reference

System.IdentityModel.Tokens

System.IdentityModel.Claims

System.ServiceModel.Security

System.ServiceModel

Security Guidance and Best Practices

See also