.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
david stephan
Gaurav Pal

Home >> Interview Question >> WCF >> Post New Question Subscribe to Interview Questions

What are the 4 security features of WCF?

Posted By :Karthikeyan Anbarasan     Posted Date :December 30, 2010    Points :15   Category :WCF 
1) Authentication
2) Authorization
3) Integrity
4) Confidentiality

You can also find related Interview Question to What are the 4 security features of WCF?  below: 

What are the Security Features in .NET Application ?

Role-based Security:-It allows the user to control the Access the Application Resources and Operations.

Code Access Security:- It allows the user to access the Resources and perform privileged operations. (More...)

ASP.NET Security Fundamental Operations

Security in the context of ASP.NET application involves 3 fundamental operations [1,4,5]:
. Authentication: the process of validating the identity of a user to allow or deny a request [4,9,10]. This involves accepting credentials (e.g. username and password) from the users and validating it against a designated authority. After the identity is verified and validated, the user is considered to be legal and the resource request is fulfilled. Future request from the same user ideally are not subject to the authentication process until the user logs out of the web application.
. Authorization: the process of ensuring that users with valid identity are allowed to access specific resources.
. Impersonation: this process enables an application to ensure the identity of the user, and in turn make request to the other resources. Access to resources will be granted or denied based on the identity that is being impersonated. In other words, impersonation enables a server process to run using the security credentials of the client [6,9]. Thus, the ASP.NET applications are capable to execute the identity of client on whose behalf they are operating.
Since there are a lot of ASP.NET security features to cover, this paper will only focus on authentication in ASP.NET.

Shashi Ray (More...)

Difference of ASP and ASP.NET Security Flow

The security flow for ASP.NET page request is different from the classic ASP security flow. In ASP, IIS impersonates the authenticated user by default, and in ASP.NET, the developer has more control over configuring security at different level [2].

Shasi Ray (More...)

What is CODE Access security?

CAS is part of .NET security model that determines whether or not a piece of code is allowed to run and what resources it can use while running. Example CAS will allow an application to read but not to write and delete a file or a resource from a folder. (More...)

What is CODE Access security?

Code Access Security (CAS), in the Microsoft .NET framework, is Microsoft's solution to prevent untrusted code from performing privileged actions.

It performs following function
1. Defines permissions and permission sets that represent the right to access various system resources.
2. Enables administrators to configure security policy by associating sets of permissions with groups of code (code groups).
3. Enables code to request the permissions it requires in order to run, as well as the permissions that would be useful to have, and specifies which permissions the code must never have.
4. Grants permissions to each assembly that is loaded, based on the permissions requested by the code and on the operations permitted by security policy.
5. Enables code to demand that its callers have specific permissions.
6. Enables code to demand that its callers possess a digital signature, thus allowing only callers from a particular organization or site to call the protected code.
7. Enforces restrictions on code at run time by comparing the granted permissions of every caller on the call stack to the permissions that callers must have. (More...)

How is security managed in SharePoint?

Security can in SharePoint be handled at the machine, domain, or SharePoint level. (More...)

What security levels are assigned to users for a SharePoint Website?

Security levels are assigned by the administrator who is adding the user. There are four levels by default and additional levels can be composed as necessary.
* Reader - Has read-only access to the Web site.
* Contributor - Can add content to existing document libraries and lists.
* Web Designer - Can create lists and document libraries and customize pages in the Web site.
* Administrator - Has full control of the Web site. (More...)

With respect to security, which one is the better choice?.Net or J2EE? Explain?

As per majority programmers .NET is the best one which have single vendor compare to, the ease of use, more use friendly, you can send any problem ,it'll be solved. (More...)

Explain about security of the Ajax based web applications?

The XMLHttpRequest object is subjected to the browsers security sandbox. Any resources requested by the XMLHttpRequest object must reside within the same domain from which the calling script originated from which the calling script requested. XMLHttpRequest cannot request services due to security restriction, outside the domain from which the script was originally served. (More...)

By Default, ASP.NET does not allow HTML tags to be sent to server via client side due to security reason. Which property needs to be set that allows HTML tags to be processed by server?

ValidateRequest Property needs to be set to false. By default it's true so it does not allow unencoded HTML tags to be processed at server. It can be set at page level or at application level via web.config. (More...)

What's the difference between code-based security and role-based security? Which one is better?

Code security is the approach of using permissions and permission sets for a given code to run. Role-based security most of the time involves the code running with the privileges of the current user. Both are equally better. Depending on the deployment type security can be implemented. (More...)

Features of Advanced Ethernet?

1. Advanced Ethernet would use a physical star to match the robustness of Token ring.

2. It would not use more expensive coaxial cables and adopt inexpensive UTP cabling.

3. It would use the same frame types and speeds of the older Ethernets so that new Ethernets will be compatible with older ones. (More...)

Quick Links For Interview Questions Categories:
ASP.Net Windows Application   .NET Framework   C#   VB.Net   ADO.Net  
Sql Server   SharePoint   Silverlight   OOPs   JQuery   JavaScript/VBScript
Biztalk Patten/Practices .IIS WCF WPF WWF
Networking Aptitude Others   All      

Find questions, FAQ's and their answers related to .NET, C#, Vb.Net, Sql Server and many more.

Now you can find lots of .NET, C#, Vb.Net, SQL Server,Windows, ASP.Net related Questions and their Answers here at www.dotnetspark.com. Our aim is to help you pass your certification Exams (MCP, MCSD, MCAD etc.,) with flying scores and get good name in your company.

So, Start looking our Interview Question section daily and improve your .NET Skills. You can also help others by posting Interview Questions and their Answers in this section.

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend