Rating: 
Summary: Great book - in depth
Review: This book was great. It did not just scratch the surface like most books, but it went into depth where it was needed. This is the book to have for .NET Security.
Rating: 
Summary: Best security infrastructure book I've read
Review: This is the best book about the security infrastructure of Microsoft .NET Framework that I have ever read. This book has brought me the overall picture of the .NET security system: How does the system work and interact with the existing security system on Win NT platform? In addition, the book is clearly written, well- organized, and full of in-depth information. Overall, I consider this is an excellent book which could satisfy the security needs for all .NET developers and administrators. This book is divided into five sections: 1. Introduction to the .NET Developer Platform Security: This section provides an introduction to the .NET Framework platform and all of the new security features available. Although this section describes only brief information, I still recommend that every one should read it first before jumping to the others. The first section "provides common background material for the topic-specific discussions in the remainder of the book." 2. Code Access Security Fundamentals:
This section provides an extensive introduction to Code Access Security, a powerful and surprising code-based security feature shipping in .NET Framework. Many new terminologies are explained: Evidence, Permissions, Stack Walk, Code Groups, Policy Levels, etc. This section is really difficult. I felt overwhelmed with too many new concepts and skipped it. However, after reading some chapters of the next section, I realized that the code-based security concept is the keystone for the entire security system. I had to come back to section two and read it carefully. Learn from my lesson, you should try to understand it at the first time you read it. 3. ASP.NET and Web Services Security Fundamentals: This section provides brief information about server-side security features of ASP.NET and Web Services. 4. .NET Framework Security Administration: This section provides a comprehensive guide to administer .NET Framework security. It shows you when and how to make modifications. Some topics are presented as tutorials. It is very to easy to capture and follow the steps. 5. .NET Framework Security for Developers The final section is devoted to developers. It provides all needed information to build secure assemblies, web sites, applications, and web services. It also provides an in-depth introduction to the cryptography library shipping in the .NET Framework and to XML digital signatures. For developers who don't have enough time to read the whole book, this is the section that you should spend your time on. -- Review by Trung N.
Rating:
Summary: Very in-depth, excellent
Review: This was awesome. The authors picked apart each new piece of the security model and explained it most clearly. What really helped me though were the code samples - one of those people who learns by doing more than just listening. Definately one to have not only as a reference, but to get a firm understanding of what the underlying structure of .NET Security is all about.
Rating:
Summary: Good Information
Review: When I was assigned the task of finding out what .NET security was all about in the web environment, I didn't know what I was getting into. The whole .NET security infrastructure is really a handful. This book helps the reader understand what its all about. Another thing I like about the book is the fact that it has short chapters. This made it easier for me to read through it with above average speed.
| 
