As I wrote in last week's Security UPDATE, Microsoft has been working on its Trustworthy Computing initiative. The initiative involves addressing concerns customers have about the security of Microsoft products, especially the issues customers encounter most frequently. To address those concerns, Microsoft has developed a strategy called SD3+C—Secure by Design, Secure by Default, Secure in Deployment, and Communications.
Secure by Design means better-designed products, more thorough testing and approval processes before release, and more security features. As you know, Microsoft stopped development on Windows Server 2003 for 2 months while the company focused attention on matters such as employee training and product redesign.
The company changed some of the server architecture to improve security. For example, the Web listener is no longer part of the kernel. Also, at a lower level of architecture, Microsoft has improved the server's compilers and changed code-development processes such as the thread-modeling processes. In addition, teams must review and test code to ensure quality—reviews that can stop a product's release until developers change the code.
Secure by Default emphasizes not exposing aspects of functionality unless an administrator wants them exposed. For example, Microsoft IIS and many other services are no longer active by default. Microsoft has added two new accounts for network access and local system access to offer administrators more ways to limit service exposure. In addition, people can't use blank passwords to authenticate to network services.
Microsoft is taking several steps in the areas of Secure by Deployment and Communications. One such step is to offer users more documentation to help architect their particular data centers. Another step is to continue building enterprise customer communications, a response to enterprise customers who assert that they don't have enough communication with Microsoft. But SD3+C contains much more than I can discuss here; you can read about SD3+C's overall premises on Microsoft's Web site.
You might already be aware of some of the matters I mention above. However, on January 27, Microsoft will begin briefing the press in more detail about its security innovations in Windows 2003. Stay tuned, and I hope I'll be able to fill you in on new details in that week's edition of Security UPDATE.
Meanwhile, take advantage of some new documentation Microsoft has made available on its Microsoft Developer Network (MSDN) Web site. In November 2002, Microsoft published the online book "Building Secure ASP.NET Applications: Authentication, Authorization, and Secure Communication." Chapters include Security Model for ASP.NET Applications, Authentication and Authorization, Secure Communication, Intranet Security, Extranet Security, Internet Security, ASP.NET Security, Enterprise Services Security, Web Services Security, Remoting Security, Data Access Security, and Troubleshooting Security Issues. In December, Microsoft published "Building and Configuring More Secure Web Sites," a paper that discusses best practices for Windows 2000 Advanced Server, Internet Information Services (IIS) 5.0, Microsoft SQL Server 2000, and the Microsoft .NET Framework.
Be sure to check out these resources. Also, stop by the .NET Security Web site to see what else you might find useful.
