jeudi 27 décembre 2012


If I would have to define WCF I would say that it's the generalization of every know service or communication technology between a client application and a server application.

Considering the Web services for an illustration WCF overcomes its constraints or limitation to provide a broader or more general service technology

    • Web services work only over HTTP, when with WCF communication can happen over HTTP, IPC, MSMQ or TCP
    • Web Services are hosted by a web server such as Apache or IIS and are stateless HTTP request - response kind of communication whereas WCF services can be hosted by a web server, a windows service or even self hosted.
    • ...

WCF basics

In order to use a WCF service we should be able to answer the following questions about WCF basics:
  • Where is the WCF service located?
  • How can a client access the service?
  • What operations can the client perform with that service?
These are the ABCs of WCF, that means the questions about Adress, Binding and Contract.

mercredi 9 avril 2008

WCF is great

Two trials and then the victory. French say "Jamais deux sans trois", but I say "Jamais plus deux sans TOI"

Alain Lompo
Excelta - Conseils et services informatiques
MCSD For Microsoft .Net
MVP Windows Systems Server / Biztalk Server
Certifié ITIL et Microsoft Biztalk Server

Applying Secure Development Lifecycle to WCF

This talk will describe how the Windows Communication Foundation (Indigo) team applied the Trustworthy Computing Security Development Lifecycle to the WCF infrastructure. I’ll elaborate on the processes we followed for design reviews, threat modeling, and security testing. I’ll also describe how these processes (and lessons) can apply to securing your WCF applications

What is the SDL?
Process setup at Microsoft as a part of the TrustWorthy Computing effort.
Parallels standard software development lifecycle.
Focus on threat modeling and testing against threat model
Format: For each step of the process I will introduce the step, application to WCF, and how you can apply the process to your software.
The SDL makes WCF secure.Apply SDL to your product

Secure by Design: the software should be architected, designed, and implemented so as to protect itself and the information it processes, and to resist attacks.
Secure by Default: in the real world, software will not achieve perfect security, so designers should assume that security flaws would be present. To minimize the harm that occurs when attackers target these remaining flaws, software's default state should promote security. For example, software should run with the least necessary privilege, and services and features that are not widely needed should be disabled by default or accessible only to a small population of users.
Secure in Deployment: Tools and guidance should accompany software to help end users and/or administrators use it securely. Additionally, updates should be easy to deploy.

samedi 22 mars 2008


Hey guys,

This blog is for all the geeks who want to share around Windows Communication Foundation

So enjoy it.