Home > Articles > Programming > Windows Programming

Is .NET Server Really "Trustworthy"?

  • Print
  • + Share This
From changes in IIS 6.0 to addressing buffer overrun issues, from support for new hashing algorithms to the numerous improvements in IPSec and EFS, Windows .NET is a major philosophy overhaul, and its effects are going to be felt throughout the computing industry. Security expert Zubair Alexander gives an overview of security enhancements in Windows .NET Server. This includes discussions of Microsoft's Trustworthy Computing initiative and how Microsoft has revamped its philosophy about securing the Windows .NET framework.
Zubair Alexander is the author of Microsoft ISA Server 2000. He specializes in design, implementation, and engineering of enterprise network services. For more information on all of his publications, visit his Web site at www.techgalaxy.net.
From the author of

What's hot these days in the tech industry? Well, Microsoft's .NET initiative, and, of course, security. Bill Gates and Microsoft Corporation have considerable interest in assuring consumers that Microsoft Windows is a secure platform, and that Microsoft is doing everything possible to enhance security in Microsoft products. Of course, as InfoWorld points out, "In the world of IT, giggling usually follows mention of 'Microsoft' and 'security' in the same sentence. That may change, however, following the release of a whitepaper by independent security consultancy Foundstone, in Irvine, Calif., on the security of Microsoft's .Net Framework." (Check out the whitepaper by Foundstone, Inc., an independent security assessment firm that logged more than 2,800 hours reviewing the security architecture of Microsoft .NET Framework.)

With the release of each new version of Windows server operating system, you justifiably expect the security to be enhanced over the previous version. Windows .NET is no exception. This article examines the security updates to Windows .NET Server. The security improvements discussed in this article are based on Windows .NET beta 3. Of course, don't be too surprised if Microsoft decides to add or remove some of these features by the time the product is released. After all, .NET Server is still in beta phase; based on previous experiences, some of the code may change in the released version.

Let's begin by looking at some of the areas on which Microsoft is focusing in Windows .NET Server. This is by no means a complete listing of all the security changes, but this overview will give you a pretty good idea of the direction in which Microsoft is headed.

  • + Share This
  • 🔖 Save To Your Account