| Author |
Message |
Tom
Guest
|
 Posted:
Thu Nov 10, 2005 1:50 pm Post subject:
CMS Security Model |
|
|
Are there any links, diagrams, PDF's, etc. that describe the security model
for CMS?
Thanks
Tom |
|
| Back to top |
|
 |
Stefan [MSFT]
Guest
|
| Posted:
Thu Nov 10, 2005 1:50 pm Post subject:
Re: CMS Security Model |
|
|
Hi Tom,
information about the security model of MCMS are in the MCMS documentation.
What additional information do you need?
Cheers,
Stefan
--
This posting is provided "AS IS" with no warranties, and confers no rights
New to MCMS?
Check out this book: Building Websites Using MCMS: http://tinyurl.com/6zj44
----------------------
"Tom" <Tom@discussions.microsoft.com> wrote in message
news:D838E6D8-E25B-4910-B3F9-6D1F3AE13F4C@microsoft.com...
| Quote: |
Are there any links, diagrams, PDF's, etc. that describe the security
model
for CMS?
Thanks
Tom
|
|
|
| Back to top |
|
|
Stefan [MSFT]
Guest
|
| Posted:
Thu Nov 10, 2005 5:51 pm Post subject:
Re: CMS Security Model |
|
|
Hi Tom,
MCMS relies on the authentication provided by IIS and ASP.NET.
MCMS itself then does authorization based on the AD/NT account impersonated
by IIS/ASP.NET.
With other words: MCMS relies on the fact that IIS and ASP.NET is configured
to target such attacks.
Cheers,
Stefan
--
This posting is provided "AS IS" with no warranties, and confers no rights
New to MCMS?
Check out this book: Building Websites Using MCMS: http://tinyurl.com/6zj44
----------------------
"Tom" <Tom@discussions.microsoft.com> wrote in message
news:288F3DF2-EE6B-4918-808C-9BC97CA1F1A3@microsoft.com...
| Quote: | Stefan:
We used MCMS for an Extranet site for the Executives. It works great.
But
internal audit along with SOX compliance are asking me questions reagrding
the security model for MCMS. I need to document how the MCMS securtiy
model
and describe how MCMS helps prevent attackers from getting through.
Tom
"Stefan [MSFT]" wrote:
Hi Tom,
information about the security model of MCMS are in the MCMS
documentation.
What additional information do you need?
Cheers,
Stefan
--
This posting is provided "AS IS" with no warranties, and confers no
rights
New to MCMS?
Check out this book: Building Websites Using MCMS:
http://tinyurl.com/6zj44
----------------------
"Tom" <Tom@discussions.microsoft.com> wrote in message
news:D838E6D8-E25B-4910-B3F9-6D1F3AE13F4C@microsoft.com...
Are there any links, diagrams, PDF's, etc. that describe the security
model
for CMS?
Thanks
Tom
|
|
|
| Back to top |
|
|
Spencer Harbar [MVP]
Guest
|
| Posted:
Thu Nov 10, 2005 5:51 pm Post subject:
Re: CMS Security Model |
|
|
http://www.microsoft.com/technet/prodtechnol/cms/maintain/SecAuth.mspx
is a good overview and still totally relevant to 2002 - especially the
workflow diagram.
http://www.microsoft.com/technet/images/prodtechnol/cms/maintain/images/scauth01_BIG.gif
if you are interested in more general platform security - this is non MCMS
specific and either IIS and Windows security (see the IIS docs online) or
web application security (see the improving web app security PAG)
hth
Spence
"Tom" <Tom@discussions.microsoft.com> wrote in message
news:288F3DF2-EE6B-4918-808C-9BC97CA1F1A3@microsoft.com...
| Quote: | Stefan:
We used MCMS for an Extranet site for the Executives. It works great.
But
internal audit along with SOX compliance are asking me questions reagrding
the security model for MCMS. I need to document how the MCMS securtiy
model
and describe how MCMS helps prevent attackers from getting through.
Tom
"Stefan [MSFT]" wrote:
Hi Tom,
information about the security model of MCMS are in the MCMS
documentation.
What additional information do you need?
Cheers,
Stefan
--
This posting is provided "AS IS" with no warranties, and confers no
rights
New to MCMS?
Check out this book: Building Websites Using MCMS:
http://tinyurl.com/6zj44
----------------------
"Tom" <Tom@discussions.microsoft.com> wrote in message
news:D838E6D8-E25B-4910-B3F9-6D1F3AE13F4C@microsoft.com...
Are there any links, diagrams, PDF's, etc. that describe the security
model
for CMS?
Thanks
Tom
|
|
|
| Back to top |
|
|
Tom
Guest
|
| Posted:
Thu Nov 10, 2005 5:51 pm Post subject:
Re: CMS Security Model |
|
|
Stefan:
We used MCMS for an Extranet site for the Executives. It works great. But
internal audit along with SOX compliance are asking me questions reagrding
the security model for MCMS. I need to document how the MCMS securtiy model
and describe how MCMS helps prevent attackers from getting through.
Tom
"Stefan [MSFT]" wrote:
| Quote: | Hi Tom,
information about the security model of MCMS are in the MCMS documentation.
What additional information do you need?
Cheers,
Stefan
--
This posting is provided "AS IS" with no warranties, and confers no rights
New to MCMS?
Check out this book: Building Websites Using MCMS: http://tinyurl.com/6zj44
----------------------
"Tom" <Tom@discussions.microsoft.com> wrote in message
news:D838E6D8-E25B-4910-B3F9-6D1F3AE13F4C@microsoft.com...
Are there any links, diagrams, PDF's, etc. that describe the security
model
for CMS?
Thanks
Tom
|
|
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in