Security & Silverlight

Yes, I am talking about security in Silverlight applications. Most developers think that security is not a feature of the application, and they claim that it is the responsibility of the framework on which they are developing, be it .NET, Java or any other. As a result, they do not stop to consider why security should be at the core of any application and why it should be given prime attention.

Microsoft has an initiative for security within the software development life cycle. This initiative is known as the SDL, the Security Development Lifecycle. Their definition of the SDL is neatly laid out, as displayed.

They have also released a security guidance document for writing and deploying Silverlight applications. The document can be downloaded from this link. The table of contents looks something like this:

Threat Modeling and the Security Development Lifecycle

Background of Web Security

Same-Origin Policy

Cross-Site Scripting Attacks

Cross-Site Request Forgeries (CSRF)

A CSRF Mitigation: Nonces

Silverlight and Web Security

Changes from version 1.0 to version 2.0

How Silverlight Works

XAML

XAPs

The Silverlight Sandbox

EnableHtmlAccess

ExternalCallersFromCrossDomain

Silverlight Networking

Cross-Domain Policy Files

How to Maximize Safety of Cross-Domain Access

Trusting Third-Party Domains

LANs and Security Zones

Internet Explorer and the XDomainRequest Object

Sockets

FAQ

How can I safely display a Silverlight ad on my Web site?

Is it safe to load arbitrary XAML in my Web page?

Is it safe to load arbitrary XAML from managed code?

Is it safe to display arbitrary media in XAML?

Is it safe to allow users to upload arbitrary XAPs to my Web site?

How can I tell if a file is a Silverlight application?

Is it safe to render XAML or run XAPs on my server?

How can I make sure my XAP is loaded only from a specific domain?

Is it safe to hide secrets in my XAP?

Does the PasswordBox control protect the password in memory?

Where can I find documentation for these features and APIs?
