Choosing the Appropriate Technologies from the Identified Techniques

Commerce Server provides authentication features, encryption features, and scripts for granting the appropriate level of permissions for access to databases, views, and stored procedures.

In addition it is recommended that you implement Windows Integrated Security (also known as Kerberos, or Windows Authentication) to secure access to databases, and use Access Control Logs (ACLs), Secure Socket Layer (SSL), Transport Layer Security (TLS), and IPSec authentication.

For a comprehensive discussion of the technologies available to mitigate threats, see Writing Secure Code, by Michael Howard and David LeBlanc. In this online help, the topic, Writing Secure Code, provides information from the book.

Copyright © 2005 Microsoft Corporation.
All rights reserved.