Common Security Scenarios

This page is specific to

Microsoft Visual Studio 2008/.NET Framework 3.5

Other versions are also available for the following:

.NET Framework 3.0

Common Security Scenarios

The topics in this section catalog a number of possible client and service security configurations. Configurations vary according to a number of factors. For example, whether a service or client is on an intranet, or whether the security is provided by Windows or transport (such as HTTPS).

In This Section

Internet Unsecured Client and Service: An example of a public, unsecured client and service.

Intranet Unsecured Client and Service: A basic Windows Communication Foundation (WCF) service developed to provide information on a secure private network to a WCF application.

Transport Security with Basic Authentication: The application allows clients to log on using custom authentication.

Transport Security with Windows Authentication: Shows a client and service secured by Windows security.

Transport Security with an Anonymous Client: This scenario uses transport security (such as HTTPS) to ensure confidentiality and integrity.

Transport Security with Certificate Authentication: Shows a client and service secured by a certificate.

Message Security with an Anonymous Client: Shows a client and service secured by WCF message security.

Message Security with a User Name Client: The client is a Windows Forms application that allows clients to log on using a domain user name and password.

Message Security with a Certificate Client: Servers have certificates, and each client has a certificate. A security context is established through Transport Layer Security (TLS) negotiation.

Message Security with a Windows Client: A variation of the certificate client. Servers have certificates, and each client has a certificate. A security context is established through TLS negotiation.

Message Security with a Windows Client without Credential Negotiation: Shows a client and service secured by a Kerberos domain.

Message Security with Mutual Certificates: Servers have certificates, and each client has a certificate. The server certificate is distributed with the application and is available out of band.

Message Security with Issued Tokens: Federated security that enables the establishment of trust between independent domains.

Trusted Subsystem: A client accesses one or more Web services that are distributed across a network. The Web services access additional resources (such as databases or other Web services) that must be secured.