While this isn’t a book about Windows security, you can’t hope to build secure DNA applications unless you are aware of the issues involved once you step outside the safe confines of your corporate office network. Although existing security procedures may be in place on your LAN, they often aren't sufficient to properly protect the resources it contains once you start to use it as an Intranet for Windows DNA-style applications.
More to the point, once the great divide is crossed and you offer access to either a limited number of people (as an Extranet), or the whole world via the Internet, you need to be a lot more concerned with securing your system as a whole.
In this chapter we've overviewed the concepts of Windows NT Integrated Security, and seen the major issues that are involved in protecting other resources from intruders. In particular we've seen how Internet Information Server (IIS) fits into the picture, and how you can create specialist security features within your components and ASP scripts to offer even finer access control.
We covered:
In the next chapter we'll complete our look at security topics with a particular focus on Component, MTS, and MSMQ issues. You'll see how the concepts we've covered in this chapter are firmly bound into the way that security is implemented within the working parts of your application—the parts that you as a programmer create.