Book Review : .NET Security and Cryptography
Well I can't stop writing a review on this book even thought I read only few chapters. The book that I am currently reading is incidently the World's first book on ".NET Secuirty". I am very glad to know that this book may go as a de-facto for students who want to learn .net from security perspective which can lead to a very good programming world of .NET in future as well. As a Microsoft MVP, I had got a chance to observe the community and students around in close, and I got to found one interesting thing amongst students. That is nothing but an intution to break or hack the software. So I learnt that only students can think about security right from the first line of thier code. Since the student community is slowly moving towards .NET development, there is a very strong need of these kind of books to make them write secure code right from the beginning.
The recent initiatives on Trustworthy computing from Microsoft are also very welcome in this perspective. This could help most of the developer to think twice before they write some code which interacts with public systems like internet.
The current book that I am reading (well..to improve my skills in writing secure code ;-)) is "The .NET Security and Cryptography" by Mr. Gnana Arun Ganesh and Peter Thorsteinson. I found this book as very different to read because, right from the first chapter, it made me think like a hacker which is very unlikely of my mindset as a developer. But as this book's preface denotes an old proverb "Think like a fish, if you wanna catch it", the authors of this book tried thier level best to implement the same wherever it is possible. Thanks Guys.
The coolest part of this book is it's practical approach towards the problems in security. You will find detailed explanations and code examples or graphical representations whereever you need of them. This approach gives a relief to the code-N-test developers. Most of the topics are covered with code and graphical representation just as it was taught by some professor in any university.
On .NET lines, this book covers ASP.NET security and web services security, the topics every developer looks for..along with Cryptography lessons from .NET perspective. There is a whole chapter dedicated for "Code Access Security" which made me feel the "Value for Money" and satisfaction as a developer.
The authors of this book has taken one more care at the end of the book. This books ends with a sneak overview of Web services to ensure thier focus towards next generation development platforms and the need of mentioning that. My overall rating is : Gold..Just go and grab one.