Title Details

Beginning ASP.NET Security
Buy Rights Online Buy Rights

Rights Contact Login For More Details

  • Wiley

More About This Title Beginning ASP.NET Security

  • English

English

Programmers: protect and defend your Web apps against attack!

You may know ASP.NET, but if you don't understand how to secure your applications, you need this book. This vital guide explores the often-overlooked topic of teaching programmers how to design ASP.NET Web applications so as to prevent online thefts and security breaches.

You'll start with a thorough look at ASP.NET 3.5 basics and see happens when you don't implement security, including some amazing examples. The book then delves into the development of a Web application, walking you through the vulnerable points at every phase. Learn to factor security in from the ground up, discover a wealth of tips and industry best practices, and explore code libraries and more resources provided by Microsoft and others.

  • Shows you step by step how to implement the very latest security techniques
  • Reveals the secrets of secret-keeping—encryption, hashing, and not leaking information to begin with
  • Delves into authentication, authorizing, and securing sessions
  • Explains how to secure Web servers and Web services, including WCF and ASMX
  • Walks you through threat modeling, so you can anticipate problems
  • Offers best practices, techniques, and industry trends you can put to use right away

Defend and secure your ASP.NET 3.5 framework Web sites with this must-have guide.

  • English

English

Barry Dorrans is a consultant, speaker and Microsoft MVP in the "Visual Tools – Security" category. His approach to development and writing blends humor with the paranoia suitable for considering security.
  • English

English

ACKNOWLEDGMENTS xi

INTRODUCTION xxi

CHAPTER 1: WHY WEB SECURITY MATTERS 1

CHAPTER 2: HOW THE WEB WORKS 15

CHAPTER 3: SAFELY ACCEPTING USER INPUT 39

CHAPTER 4: USING QUERY STRINGS, FORM FIELDS, EVENTS, AND BROWSER INFORMATION 65

CHAPTER 5: CONTROLLING INFORMATION 87

CHAPTER 6: KEEPING SECRETS SECRET — HASHING AND ENCRYPTION 117

CHAPTER 7: ADDING USERNAMES AND PASSWORDS 151

CHAPTER 8: SECURELY ACCESSING DATABASES 185

CHAPTER 9: USING THE FILE SYSTEM 207

CHAPTER 10: SECURING XML 225

CHAPTER 11: SHARING DATA WITH WINDOWS COMMUNICATION FOUNDATION 255

CHAPTER 12: SECURING RICH INTERNET APPLICATIONS 289

CHAPTER 13: UNDERSTANDING CODE ACCESS SECURITY 315

CHAPTER 14: SECURING INTERNET INFORMATION SERVER (IIS) 329

CHAPTER 15: THIRD-PARTY AUTHENTICATION 359

CHAPTER 16: SECURE DEVELOPMENT WITH THE ASP.NET MVC FRAMEWORK 385

MVC Framework 398

INDEX 399

loading