Summary
by Kevin T. Price, Rudi Martin, Matthew Lyons, Sebastian Lange, Brian A. LaMacchia
.NET Framework Security
- Copyright
- About the Authors
- Acknowledgments
- Introduction
- Introduction to the .NET Developer Platform Security
- Code Access Security Fundamentals
- User- and Code-Identity–Based Security: Two Complementary Security Paradigms
- Evidence: Knowing Where Code Comes From
- Permissions: The Workhorse of Code Access Security
- Walking the Stack
- Membership Conditions, Code Groups, and Policy Levels: The Brick and Mortar of Security Policy
- Understanding the Concepts of Strong Naming Assemblies
- Hosting Managed Code
- Verification and Validation: The Backbone of .NET Framework Security
- Security Through the Lifetime of a Managed Process: Fitting It All Together
- ASP.NET and Web Services Security Fundamentals
- .NET Framework Security Administration
- Introduction: .NET Framework Security and Operating System Security
- Administering Security Policy Using the .NET Framework Configuration Tool
- Before Making Any Security Policy Change: Administration Strategies
- Introduction to the .NET Framework Configuration Tool
- Increasing Trust for an Assembly or Software Publisher Using the Trust Assembly Wizard
- Changing Trust for a Zone Using the Adjust Security Wizard
- Manipulating the Security Policy Tree Directly—Basic Techniques
- Testing Security Policy Using the Evaluate Assembly Wizard
- Modeling Policy Changes Using Open and New
- Deploying Security Policy
- Resetting Security Policy
- The .NET Framework Configuration Tool's Self Protection Mechanism
- Administrative Tactics: Scenarios, Solutions, Hints, and Tricks
- Summary
- Administering .NET Framework Security Policy Using Scripts and Security APIs
- Administering an IIS Machine Using ASP.NET
- Administering Clients for .NET Framework Mobile Code
- Administering Isolated Storage and Cryptography Settings in the .NET Framework
- .NET Framework Security for Developers
- Creating Secure Code: What All .NET Framework Developers Need to Know
- Architecting a Secure Assembly
- Implementing a Secure Assembly
- Testing a Secured Assembly
- Writing a Secure Web Site Using ASP.NET
- Writing a Secure Web Application in the .NET Development Platform
- Writing a Semi-Trusted Application
- Using Cryptography with the .NET Framework: The Basics
- Setting the Stage: Key Definitions and Scenarios in Cryptography
- The Cryptographic Object Model of the .NET Framework
- Operating on Streams: CryptoStreams and ICryptoTransforms
- Using Symmetric Algorithms
- Using Cryptographic Hash Functions
- Using Keyed Hash Functions
- Random Number Generation and Key Derivation
- Using Asymmetric Algorithms
- Summary
- Using Cryptography with the .NET Framework: Advanced Topics
- Using Cryptography with the .NET Framework: Creating and Verifying XML Digital Signatures
- Index
Summary
In this chapter, we have covered designing and implementing a secure Web site using ASP.NET. At this point in the book, you should understand how to use authentication and authorization not only from the web.config file but also from within IIS to prevent unauthorized access to your site. Also, you should understand how different attack scenarios operate and how to prevent them. In the next chapter, we will cover creating and deploying a full secure application.
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.