//Will always fail:
[PrincipalPermission(SecurityAction.Demand, Role = "...")]
public class MyService : IMyContract
{...}
7. Avoid sensitive work that requires authorization in the service constructor.
8. Avoid demanding a particular user, with or without also demanding a role:
//Avoid:
[PrincipalPermission(SecurityAction.Demand, Name = "John")]
public void MyMethod()
{...}
9. Do not rely on role-based security in the client's callback operations.
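The correct counterpart to items 6 through 8, as an added example that is not part of the original standard: demand a role on each operation rather than on the class (a class-level demand also covers the constructor, which WCF runs before the caller's principal is attached to the thread, so it fails for every caller) and never demand a specific user name. The contract, service and role names "Customers" and "OrderManagers" are assumed for this example.

```csharp
// Added example: operation-scoped role demands in a WCF service.
using System.Security.Permissions;
using System.ServiceModel;
using System.Threading;

[ServiceContract]
public interface IOrderService
{
    [OperationContract] void PlaceOrder(string productId, int quantity);
    [OperationContract] void CancelOrder(string orderId);
    [OperationContract] string GetOrderStatus(string orderId);
}

[ServiceBehavior(InstanceContextMode = InstanceContextMode.PerCall)]
public class OrderService : IOrderService
{
    // No PrincipalPermission on the class or constructor: the constructor
    // runs before WCF sets Thread.CurrentPrincipal to the caller's identity,
    // so a demand here would fail for every caller (item 6 / item 7).
    public OrderService() { }

    // Role demand evaluated per call against Thread.CurrentPrincipal,
    // which WCF populates from the authenticated client credentials.
    // "Customers" is an assumed role name.
    [PrincipalPermission(SecurityAction.Demand, Role = "Customers")]
    public void PlaceOrder(string productId, int quantity)
    {
        // business logic runs only when the caller is in the role
    }

    // A more privileged role for a more sensitive operation; still a role,
    // never a user name such as Name = "John" (item 8).
    [PrincipalPermission(SecurityAction.Demand, Role = "OrderManagers")]
    public void CancelOrder(string orderId)
    {
        // business logic
    }

    // When the rule cannot be expressed by one attribute (either role may
    // read status), check roles programmatically inside the operation,
    // where the caller's principal is already in place.
    public string GetOrderStatus(string orderId)
    {
        var caller = Thread.CurrentPrincipal;
        if (!caller.IsInRole("Customers") && !caller.IsInRole("OrderManagers"))
            throw new FaultException("Access denied.");
        return "Pending"; // constructed placeholder result
    }
}
```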
10. With Internet clients, always use Message security.
11. Allow clients to negotiate the service certificate (the default).
12. Use the ASP.NET providers for custom credentials.
13. When developing a custom credentials store, develop it as a custom ASP.NET provider.
14. Validate certificates using peer trust.
The Service Bus
1. Prefer the TCP relay binding.