What all things need to remember while implementing security in a service?
- Whatever data is exchanged can only be understood by proper recipient. Even if somehow unintended recipient gets access to data, he or she should not be able to read it.
In terms of service protection this is called as “Confidentiality”.
- Whatever sender sends, receiver receives it. Let say an intruder comes in between and modifies the data. When data reaches the receiver it should reject it and throw an exception. In simple words data should not be tempered. In terms of service protection we call it “Integrity”.
- Every user should be validated for his/her identity. In terms of service protection that is called authentication.
For technical trainings on various topics like WCF(Windows Communication Foundation), MVC, Business Intelligence, Design Patterns, WPF, TFS and Basic fundamentals feel free to contact SukeshMarla@Gmail.com or visit www.sukesh-marla.com
For more stuff like this, click here. Subscribe to article updates or follow at twitter @SukeshMarla
See following video on creating service using WCF (Windows Communication Foundation): -
Click and see here for more advanced training in WCF(Windows Communication Foundation).