Designing security implementation (15 percent)
- Design role-based security. It may include but is not limited to:
  - implementing security by using IPrincipal and IIdentity,
  - custom vs. platform security,
  - managing user functionality,
  - limit or gate access,
  - data decoupling,
  - designing security profiles
- Design data transmission and storage. It may include but is not limited to:
  - SSL,
  - encryption (offline data, password management)
- Design authentication and authorization. It may include but is not limited to:
  - login mechanism (domain user accounts, SQL Server user accounts),
  - role-based application configuration,
  - security auditing and logging,
  - file system rights and authorization,
  - Web service rights and authentication
- Plan Windows Vista compliance. It may include but is not limited to:
  - user application data directory (registry settings, isolated storage)
- Plan least-privileged execution. It may include but is not limited to:
  - User Access Control (UAC),
  - assembly authentication,
  - certificate management