zoukankan      html  css  js  c++  java
  • About that task

    I think F designed the solution before deeply researching WCF, especially security aspect.

     

    The most early WI, there is a solution to simulate asp.net session. There’s no transfer secure solution.

    In 2010-08-11 email, there are BL(business logic) analysis and a encryption sample. The BL is very useful, it’s great. The encryption sample can ensure transfer security, but has some defect.

     

    1, one secure communication contains 2 aspect(or demands), 1 is  privacy when transfer, means to encrypt data. After encrypted, a hacker monitored the data transferred, but he can’t understand the information. 2 is anti-deny, means to prevent the data be interpolated or the sender say he didn’t send.

     

    2, the degree of coupling between security codes and BL codes should be reduced as low as possible, and when the system or framework or infrastructure provides the security function or interface, we should use it, not we implement it ourselves. WCF provide security function & extension interface, we don’t need write even one line codes to encrypt data, but edit the configuration file, then the WCF framework will do it. In this way, we only need to focus on the BL.

     

    So the better solution is:

    1.       The encryption sample use AES algorithm, it’s contained in WCF framework, we can edit configuration file to use it, not write codes.

    2.       The secure communication also demands digital signature to anti-deny, so the certificate is required. WCF can also support this kind of mode, no codes required.

     

    In fact, (WCF based on certificate) use PKI processing procedure, If you want to know more, I can explain more detail.

  • 相关阅读:
    linux sar 命令详解
    linux perf
    Linux下的内核测试工具——perf使用简介
    系统级性能分析工具 — Perf
    使用truss、strace或ltrace诊断软件的“疑难杂症”
    6.数组类型和数组指针类型
    5.二级指针
    4.const
    3.字符串
    C/C++ 错误笔记-如果要释放内存,必须拿到内存的首地址进行释放
  • 原文地址:https://www.cnblogs.com/bighuiwolf/p/1808121.html
Copyright © 2011-2022 走看看