Geeks With Blogs


Google My Blog

Catch me at: The List!

My InstallScript Utility Belt My Amazon Wishlist
My Standard Disclaimer

Chris G. Williams Beware: I mix tech and personal interests here.
Book Review - The .NET Developer's Guide to Windows Security by Keith Brown
Microsoft .net Development Series, Addison-Wesley

I have been a fan of Keith Brown and regularly read his blog on so this review may appear biased but I honestly believe this is a very useful book if you want to develop secure applications or are just wondering how security is implemented in windows.

Though this book is available in its entirety on, if you are like me, you will not be disappointed if you kill a tree and buy the book.

The book deals with Windows security, something every windows developer worth his or her salt should know.

The book is organized as a collection of practical, to the point insights on windows security. 75 topics are covered as items. This is what I like the best about this book. Each topic is short, to the point and covers just the right amount of information. Curious readers are urged to do their own further investigations. Although the book does not directly talk about security as implemented in the .net frameworks, and it may appear that the title is a misnomer, the underlying concepts are beautifully described. This is a very easy to read book. You don't have to spend endless brain cycles to in reading a chapter and get something useful. In about 5 minutes you can read most "items" and digest the nugget of security insight.

The 75 items in the book are grouped into 6 parts or categories. Part 1 paints the Big Picture and lays the groundwork. You will learn about different kinds of attacks and how to mitigate them. Part 2 describes what Security context is all about. Here you can read about security tokens, daemons, impersonation and a host of other things you didn't even know about. In part 3 you will learn about Access Control and how to grant/restrict access to various resources. Part 4 talks about COM(+) and Enterprise Services. Part 5 deals with Network Security. You will learn what Kerberos, SSPI and IPSEC are. Part 6 is for items that did not fit under the other 5 parts. One of the misc items talks about how to store secrets on a machine. You can also learn to programmatically log off or reboot a machine.

To summarize, this is a very easy to read book with bite sized information on windows security. As more and more emphasis is being placed on developing secure applications in an increasingly networked world, you will find yourself reaching for this book often.

Go buy it. Rating 5 stars.

Review from: The Greater Charleston .NET User Group Posted on Friday, April 1, 2005 11:25 PM Reviews | Back to top

Comments on this post: review: The .NET Developer's Guide to Windows Security by Keith Brown

No comments posted yet.
Your comment:
 (will show your gravatar)

Copyright © Chris G. Williams | Powered by: