Menu
I'm working on a WCF service that will be communicating over net.tcp to n instances of a client app (that is being developed by another programmer in my office).
At the moment I am using net.tcp without any security as I felt setting this up at this stage wasn't necessary, at least not until we are closer to rolling out.
During the development of a WCF application, is there any harm in using a standard binding (net.tcp in my case) without security, then once the business logic has been completed, implement all the security requirements? Are there any things I need to be aware of that may not function after the implementation of security?
878
To secure an application that runs exclusively on a Windows domain, you can use the default security settings of either the WSHttpBinding or the NetTcpBinding binding. By default, anyone on the same Windows domain can access WCF services. Because those users have logged on to the network, they are trusted.
Windows Communication Foundation (WCF) security has three common security modes that are found on most predefined bindings: transport, message, and "transport with message credential." Two additional modes are specific to two bindings: the "transport-credential only" mode found on the BasicHttpBinding, and the "Both" ...
A WCF service boasts of a robust security system with two security modes or levels so that only an intended client can access the services.
SSL stands for Secure Sockets Layer and, in short, it's the standard technology for keeping an internet connection secure and safeguarding any sensitive data that is being sent between two systems, preventing criminals from reading and modifying any information transferred, including potential personal details.
While your overall design should consider security from the very beginning, I don't think it's a good idea to couple your components to any particular security strategy. You may very well want to use some of your components in a non-secure manner or across a different protocol which offers different security options.
So my answer is yes and no. Yes you need to think about it from the beginning, but no you should not couple your components to your security needs.
That said, since you know that you'll be using net.tcp you should be aware that transport security is turned on by default for this binding.
For tons more information, see Juval Lowy's fantastic Programming WCF Services, chapter 10. Lowy, in his ServiceModelEx library (discussed at length in the book) provides a really nice framework that you can plug in after you've created your components. Even if it's not exactly what you're looking for you can customize it to suit your needs.
182
Security should be thought about from the start, and not added on at the end.
Develop a plan for your security, and implement it as you go, rather then at the end.
Reference: Microsoft .NET: Architecting Applications for the Enterprise
http://www.amazon.com/Microsoft®-NET-Architecting-Applications-PRO-Developer/dp/073562609X
38
You have two choices, bake it in from the beginning, or slap it on at the end. With security in general I would say it really does not work in the icing so you have to make a mess of your cake to get it in there.
However, the way I see your question is you already know you need to do something to solve a security issue, you just have not decided what to do. In that case I would agree with Terry that you should then design around an abstraction that allows you to plugin the eventual solution.
If I were you I would probably do a threat model and use it to consider the inputs and risks presented by your service. This will help you decide what you should do eventually and if your abstraction covers all bases.
44
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
