A lot of enterprises have already deployed the Silverlight plug-in in their Intranet, enabling their Development Teams develop and deploy a new kind of more interactive and powerful web applications.
Some others are about to make the step right now – And their questions are very much the same, lead by the “What about security?” one.
Aim of this post is to help you navigate through a few links that should help find good answers to your (deployment and) security questions:
If you want some basic info on Silverlight www.silverlight.net or http://en.wikipedia.org/wiki/Microsoft_Silverlight will surely help you. Additionally, under www.microsoftpdc.com you can find the most recent information (videos+slides) about Silverlight 4, which was announced in Beta last week.
Silverlight Enterprise Deployment
This paper provides guidance on how to deploy Silverlight within organizations using common infrastructure deployment services. It also describes the installer switches for 3rd party deployment tools or manual script processes for deployment.
>>> UPDATE 2010/07/30
- Security Overview White Paper update: Silverlight Security Overview (Updated for Silverlight 4)
- Shanwn Wildermuth’s session at MIX10: Securing Microsoft Silverlight Applications
<<< UPDATE 2010/07/30
Security for Silverlight 3 is still the same that the one of Silverlight 2 (but won’t be exactly the same for Silverlight 4!).
White Paper: Security Guidance for Silverlight Applications
Provides security guidance when developing and deploying Microsoft Silverlight 2 applications.
Video on Silverlight 2 Security: http://channel9.msdn.com/posts/Jossie/Silverlight-20-Security/
A few basic concepts from the .NET security blog:
Articles on MSDN:
Dr. Dobb’s article
If you are interested on general CLR security (evolution), this video is an excellent starting point: http://channel9.msdn.com/posts/Charles/Shawn-Farkas-CLR-4-Inside-the-new-Managed-Security-Model/. It also contains a pretty large part on Silverlight.