Shulou(Shulou.com)06/01 Report--

This article mainly explains the ".NET development in the Vista system need to pay attention to what problems", the content of the article is simple and clear, easy to learn and understand, the following please follow the editor's ideas slowly in-depth, together to study and learn ".NET development in the Vista system need to pay attention to what problems" bar!

In Microsoft's eyes, one of the main selling points of Windows Vista is its improved security model. From its identification meta-system (metasystem), known as Windows CardSpace, to the sometimes depressing user account control (User Account Control), there are many new security measures for .NET developers to consider, whether in desktop applications or Web applications.

At Tech Ed 2007, a strategic consultant for Rafal Lukawiecki,Project Botticelli outlines Windows Vista's security model and explains how developers can use them to get the most out of them.

Generally speaking, what has attracted the most attention since the launch of Vista is user account Control (User Account Control). This stems from the fact that UAC subverts long-established development habits and runs applications in the manager role, Lukawiecki said.

He added: "if the developer wants to see the content information when the administrator logs in, please go back and change the login method. Otherwise you won't see the prompt dialog box... you have to set some options as an administrator.

To break the habit of developers working in the role of manager, Lukawiecki gives us eight tips to use UAC efficiently in developing Windows Vista applications:

1 determine whether the application requires administrator privileges. "this judgment should have been made in the first place," he said.

2. Test your application in the role of standard user.

3 if you want to store binaries and user configuration data, you should know that the data stored on the hard disk is not very secure.

4 list your security needs as clearly as possible

5 if end users want to upgrade their permissions, you must make sure that the meaning of the dialog you pop up is clear.

6 learn some Windows integrity mechanisms as much as possible, which is a new way to improve the security of inter-process communication.

7 be careful to ask your application to verify that the current user is an administrator, especially when the user is opening files and objects.

Finally, Lukawiecki said, "Max_allowed is not a good thing in vista. It may have been convenient to use in the operating system in the past, but now it is not the case."

With the introduction of UAC technology, Windows Vista has made new changes in security, which is reflected in the login experience. It declares two ways:

First of all, Microsoft realized that there are many ways to log in to an application, from biometrics to card only, to voice, Microsoft has introduced Credential Service Provider UI. This is compatible with a variety of credential providers and provides support for multi-factor proof. Lukawiecki said.

Second, Microsoft adopted the identity Identification Meta system (metasystem) and introduced Windows CardSpace, which enables users to complete multiple online authentication.

So ensuring security is an important part of your software development, so we need to consider five aspects:

1 cycle, managed, managed security testing

2 all components in application development should describe the security level

3 apply threat model analysis to your design phase

4 Security check and testing should be included in the development plan.

5 establish safety standards for the R & D team

Lukawiecki said: "in view of the fact that today's developers pay little attention to security issues, Microsoft has begun to promote the security development life cycle."

Thank you for reading, the above is the content of "what problems .NET development needs to pay attention to under the Vista system". After the study of this article, I believe you have a deeper understanding of what problems .NET development needs to pay attention to under the Vista system, and the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.