Categories

Auditing and logging Authentication Authorization Cryptography Deployment Considerations Exception Management Impersonation and Delegation Input Validation Message Security Proxy Sensitive Data Session Management Transport Security

Auditing and logging

Scenario
Configure service to enable authentication auditing Configure service to enable authorization auditing Configure service to enable transport level logging Configure service to enable message level logging Configure service to enable logging with filters Configure service to enable tracing with different levels of information Enable performance counters to monitor denial of service conditions Configure service to enable WMI provider View log and trace files for auditing purposes

Personas
Administrator Developer Administrator Developer Administrator Developer Administrator Developer Administrator Developer Administrator Developer Administrator Developer Administrator Developer Administrator

Priority

Authentication
Scenario
Configure service with NTLM authentication Configure service with basic authentication Configure service with digest authentication

Personas
Administrator Developer Administrator Developer Administrator

Priority

Configure service with windows authentication Configure service with issue token authentication Configure service with username/password authentication Configure service with no credentials Configure service with certificate authentication Pass service certificate via secure session negotiation Pass NTLM credentials via secure session negotiation Implement custom credential validation

Developer Administrator Developer Administrator Developer Administrator Developer Administrator Developer Administrator Developer Administrator Developer Administrator Developer Developer

Authorization
Scenario
Configure service to use a Windows provider to authorize users Configure service to use an ASP.NET role provider Configure service to use a custom authorization provider Configure service to use custom security policies Mark an operation contract with security demands attribute Perform authorization based on a programmatically verified claim

Personas
Administrator Developer Administrator Developer Administrator Developer Administrator Developer Developer Developer

Priority

Cryptography
Scenario
Implement custom binding with cryptographic algorithms for encrypting/signing messages Implement custom binding to sign message without encryption Implement custom binding to encrypt message without signing

Personas
Developer Developer Developer

Priority

Deployment Considerations
Scenario
Host service in IIS for HTTP(s) communication

Personas
Administrator Developer

Priority

Developer Administrator Developer Host service in medium trust Administrator Developer Configure certificate in IIS to enable SSL in a virtual directory Administrator hosting service Developer Configure certificate to enable SSL in a self hosted service Administrator Developer Configure certificate on a client local store for message Administrator encryption and authentication Developer Configure partner public key certificates in local store for Administrator authorization Developer Configure IIS for authentication Administrator Store encryption keys in a secure location Administrator Developer Encrypt all or part of a web configuration file Administrator Developer Map certificates with accounts in active directory Administrator Developer Configure Active Directory groups and accounts for roleAdministrator based authorization checks Developer Configure Cardspace accounts Administrator Developer Configure Security Token Service (STS) Administrator Developer Configure MSMQ accounts and security Administrator Developer

Host service in Windows Activation server (WAS) for TCP communication Host service in Windows Activation server (WAS) for HTTP(s) communication Self-host service in windows service for HTTP(s) communication Self-host service in windows service for TCP communication Host service with least privilege account

Administrator Developer Administrator Developer Developer

Exception Management
Scenario
Design fault contracts to allow services to declare known faults for each operation Design service with exceptions handling that will not divulge information to the client Enable debugging behavior to allow debug information to be propagated to the client Clients handle exceptions in stateful services Design operations to catch exceptions and communicate failures to client

Personas
Developer Developer Administrator Developer Developer Developer

Priority

Implement a global exception handler

Developer

Impersonation and Delegation

Scenario
Configure service to run under security principal name to allow client to authenticate Configure service to use certificate on the local store to allow client to authenticate Configure service to allow impersonation of clients with windows credentials Set operation contract attribute to allow impersonation when enabled via service behavior Flow identities in message from intermediary for authentication/delegation/auditing Configure impersonation to retrieve identities from security context

Personas
Administrator Developer Administrator Developer Administrator Developer Developer Developer Developer

Priority

Input Validation
Scenario
Validate messages with custom schema inspectors Validate messages with custom message inspectors

Personas
Developer Developer

Priority

Message Security
Scenario
Credentials are sent in message over https Credentials are sent in message over http Credentials are sent in message over TCP Sensitive data is sent in message over https Sensitive data is sent in message over http Sensitive data is sent in message over TCP Configure message security to support communication via intermediaries Configure message security to support partial signing of a message Configure message security to support partial encryption of a message

Personas
Administrator Developer Administrator Developer Administrator Developer Administrator Developer Administrator Developer Administrator Developer Administrator Developer Administrator Developer Administrator Developer

Priority

Proxy
Scenario Personas Priority

Proxy is generated from service metadata over HTTP(S) Client is configured to use certificate for authentication and message security. Proxy is generated from service metadata over TCP Proxy is generated from service metadata over MSMQ Service operations invocation administratively - Client authenticates with service providing credentials Service operations invocation administratively - Client calls service anonymously Service operations invocation programmatically - Client authenticates with service providing credentials Service operations invocation programmatically - Client calls service anonymously Client is invoked via client factory to improve performance

Developer Developer Developer Developer Developer Developer Developer Developer Developer

Sensitive Data
Scenario
Configure service for message encryption to protect message confidentiality and integrity with certificates

Personas
Administrator Developer

Priority

Configure service for message encryption to protect message confidentiality and integrity with Kerberos tickets Design service to protect parts of the message with partial encryption Configure service to secure metadata in an endpoint to be consumed by service clients Configure service to use transport security Configure service to change the default message encryption algorithm

Administrator Developer Developer Administrator Developer Administrator Developer Developer

Session Management
Scenario
Configure message throttling to avoid denial of service attacks Design services per session mode Configure memory limits to avoid denial of service attacks Configure service for reliable messaging with reliable session and ordering of messages Implement structured exception handling and state management to avoid state corruption

Personas
Administrator Developer Administrator Developer Administrator Developer Administrator Developer Developer

Priority

Transport Security
Scenario
Credentials are sent in transport over https Sensitive data is sent in transport over https Configure transport security for end point communication with no intermediaries Configure transport security for improved performance over message security

Personas
Administrator Developer Administrator Developer Administrator Developer Administrator Developer

Priority