.NET Security and Cryptography

The biggest worry about viruses/worms, especially the Sobig which is still circulating as I write this, is that they are getting more potent, more devastating. To combat them, programming tools and environments need to improve. One major advance is the .NET described in the book. Possibly its nicest attribute is that it enables C# programs. This compile time and runtime environment automatically checks for typesafe operations. Analogous to java and its jvm.

Microsoft is doing its bit to improve, by emphasising safer coding in its operating systems and applications. Though the sheer mass of its pre-.NET/C# code is undoubtedly making this transition a prolonged ongoing process. But you, as a third party developer, also need to pull your own weight, by coding to the ideals described in the book.

Rating:
Summary: Excellent overview of .NET security
Review: Too many books on the topic simply overload the reader with details. This book follows a simple progression in each chapter that makes it easy to read and understand. Ditto with the examples which are written with the same clarity.

Rating:
Summary: Book Review : .NET Security and Cryptography
Review: Well I can't stop writing a review on this book even thought I read only few chapters. The book that I am currently reading is incidently the World's first book on ".NET Secuirty". I am very glad to know that this book may go as a de-facto for students who want to learn .net from security perspective which can lead to a very good programming world of .NET in future as well. As a Microsoft MVP, I had got a chance to observe the community and students around in close, and I got to found one interesting thing amongst students. That is nothing but an intution to break or hack the software. So I learnt that only students can think about security right from the first line of thier code. Since the student community is slowly moving towards .NET development, there is a very strong need of these kind of books to make them write secure code right from the beginning.

The recent initiatives on Trustworthy computing from Microsoft are also very welcome in this perspective. This could help most of the developer to think twice before they write some code which interacts with public systems like internet.

The current book that I am reading (well..to improve my skills in writing secure code ;-)) is "The .NET Security and Cryptography" by Mr. Gnana Arun Ganesh and Peter Thorsteinson. I found this book as very different to read because, right from the first chapter, it made me think like a hacker which is very unlikely of my mindset as a developer. But as this book's preface denotes an old proverb "Think like a fish, if you wanna catch it", the authors of this book tried thier level best to implement the same wherever it is possible. Thanks Guys.

The coolest part of this book is it's practical approach towards the problems in security. You will find detailed explanations and code examples or graphical representations whereever you need of them. This approach gives a relief to the code-N-test developers. Most of the topics are covered with code and graphical representation just as it was taught by some professor in any university.

On .NET lines, this book covers ASP.NET security and web services security, the topics every developer looks for..along with Cryptography lessons from .NET perspective. There is a whole chapter dedicated for "Code Access Security" which made me feel the "Value for Money" and satisfaction as a developer.

The authors of this book has taken one more care at the end of the book. This books ends with a sneak overview of Web services to ensure thier focus towards next generation development platforms and the need of mentioning that. My overall rating is : Gold..Just go and grab one.