|
Developing More-Secure ASP.NET 2.0 Applications
Build your expertise for developing more-secure applications with ASP.NET 2.0. A leading security expert delivers best practices, pragmatic instruction, and extensive code samples in Microsoft Visual C# to help you develop Web applications that are more robust, more reliable, and more resistant to attack. Discover how to: * Harden a Web server, operating
system, communication protocol, and ASP.NET Validate input data with white listing, regular expressions, sandboxing, and other techniques *Understand design and security implications of various cryptography approaches *Integrate with Microsoft Windows security features such as impersonation, delegation and protocol transition *Implement Web farm, single sign-on, and mixed-mode authentication *Use provider-based features for user and role management and authentication *Trace attacks with error-handling, logging, and instrumentation *Lock down your application with partial trust PLUS - Get code samples on the Web
CONTENTS:
Web Application Security
ASP.NET 2.0 Architecture
Input Validation
Storing Secrets
Authentication & Authorization
Security Provider & Controls
Logging & Instrumentation
Partial Trust ASP.NET
Deployment & Configuration
Tools & Resources
Appendices:
Building a Customer Protected Configuration Provider
Session State
Compartmentalizing ASP.NET Applications
Secure Web Services
Unit Testing Web Applications Using Visual Studio Team Edition
Index
|
