.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
 
Sign In
Register
 
Win Surprise Gifts!!!
Congratulations!!!


Top 5 Contributors of the Month
david stephan

Home >> Articles >> WCF >> Post New Resource Bookmark and Share   

 Subscribe to Articles

Security in WCF : Transport level

Posted By:Dhananjay Kumar       Posted Date: February 02, 2010    Points: 25    Category: WCF    URL: http://www.dotnetspark.com  

Security in WCF : Transport level . This article will give a very brief introduction of transport level security in WCF. When we say security at the transport layer, then the main concern is with the integrity, privacy and to certain extent authentication of the message as it travels along the wire.
 

Objective:

This article will give a very brief introduction of transport level security in WCF
  1. When we say security at the transport layer, then the main concern is with the integrity, privacy and to certain extent authentication of the message as it travels along the wire.
  2. In WCF, the secure transports available for use are HTTP, TCP, IP and MSMQ.
  3. For a transport to be secured all the communication that takes place across the channel must be encrypted.

1.gif

2.gif
In WCF Transport layer security is easiest to implement

Advantage of using Transport security:
  • Less chances of sniffing network.
  • Less chances of Phishing network.
  • Less chances of message alteration.
  • Less chances of replay of message attack.

Regardless of the Binding used, Transport level security provides
  • Authentication of the sender.
  • Authentication of the service.
  • Message integrity
  • Message confidentiality.
  • Replay of message detection.

Different Binding and Transport Layer Security

Transport layer security is directly related to binding. The type of transport security that is available depends on binding used.

basicHttpBinding
  1. The basicHttpBinding is the only built in binding that is not secure when configured using the default value.
  2. Security could be enabled on basicHttpBinding.
  3. When security is enabled in basicHttpBinding, it is interoperate with IIS security mechanism.
  4. Security for basicHttpBinding could be configured either in declaratively in code or in configuration.

Attributes of Transport channel

3.gif

Values of attribute type

4.gif

Conclusion:

I discussed in very brief Transport level security in WCF. 
 Subscribe to Articles

     

Further Readings:

Responses

No response found. Be the first to respond this post

Post Comment

You must Sign In To post reply
Find More Articles on C#, ASP.Net, Vb.Net, SQL Server and more Here

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend