Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Wcf security session 2


Published on

Published in: Technology, News & Politics
  • Be the first to comment

  • Be the first to like this

Wcf security session 2

  1. 1. Transfer Security Modes
  2. 2. Objectives• Five modes offered for accomplishing three aspects of Transfer Security – None – Transport Security – Message Security – Mixed – Both
  3. 3. None Transfer Security Mode• Turned off• No Client Credentials provided to Service• Highly inadvisable
  4. 4. Transport Transfer Security Mode• Secure Communication Protocol• Encrypts the channel• Integrity ,No Encryption key – corrupt message• Privacy, No other party other than recipient• Mutual Authentication• Assumption – Client and Service negotiate details of encryption – Hardware acceleration entry point• Downside – Point-to-point – Only by intranet applications
  5. 5. Message Transfer Security Mode• Encrypts the message• Securely communicate over non-secure transports Booleancharacter integer
  6. 6. Mixed Transfer Security• Uses Transport for Message integrity and Privacy as well as Service authetication• Message security for Client Credentials• Downside – Point to point – Rarely use this variables
  7. 7. Both Transfer Security mode • Message is encrypted • Transport channel is encrypted • Maximizes Security • Overkill performance literals expressionerror, x not set
  8. 8. Summary• None is highly inadvisable• Transport works good in Intranet apps• Message suits for Internet apps• Mixed rarely used by developers• Both kills performance