Beginning ASP.NET Security

  • ID: 1233075
  • Book
  • 436 Pages
  • John Wiley and Sons Ltd
1 of 4
A practical guide to securing ASP.NET sites

Beginning ASP.NET Security is for novice to intermediate ASP.NET programmers and provides a step–by–step solution to securing each area of ASP.NET development. Rather than approaching security from a theoretical direction, MVP Barry Dorrans shows you examples of how everyday code can be attacked, and describes the steps necessary for defense. Inside, you ll learn how you can defend your ASP.NET applications using the .NET framework, industry patterns and best practices, code libraries and resources provided by Microsoft and others.

Beginning ASP.NET Security:

Explores issues with user input including validation, cross–site scripting (XSS) and cross–site request forgery (CSRF)

Teaches how to securely access your database and defend against SQL injection attacks

Shares techniques for keeping secrets, including encryption, hashing and preventing information leaks

Examines methods for authenticating and authorizing users, including ASP.NET membership providers and preventing cookie theft

Shares tips for securing your web server, including how ASP.NET uses trust levels and locking down IIS

Unveils ways to securely use WCF web services

Presents security with the Microsoft ASP.NET Ajax framework and Silverlight

Includes an overview of security with the Microsoft MVC framework

Wrox Beginning guides are crafted to make learning programming languages and technologies easier than you think, providing a structured, tutorial format that will guide you through all the techniques involved.

Programmer Forums
Join our Programmer to Programmer forums to ask and answer programming questions about this book, join discussions on the hottest topics in the industry, and connect with fellow programmers from around the world.

Code Downloads
Take advantage of free code samples from this book, as well as code samples from hundreds of other books, all ready to use.

Read More
Find articles, ebooks, sample chapters and tables of contents for hundreds of books, and more reference resources on programming topics that matter to you.

wrox.com
READ MORE
Note: Product cover images may vary from those shown
2 of 4
ACKNOWLEDGMENTS xi

INTRODUCTION xxi

CHAPTER 1: WHY WEB SECURITY MATTERS 1

CHAPTER 2: HOW THE WEB WORKS 15

CHAPTER 3: SAFELY ACCEPTING USER INPUT 39

CHAPTER 4: USING QUERY STRINGS, FORM FIELDS, EVENTS, AND BROWSER INFORMATION 65

CHAPTER 5: CONTROLLING INFORMATION 87

CHAPTER 6: KEEPING SECRETS SECRET HASHING AND ENCRYPTION 117

CHAPTER 7: ADDING USERNAMES AND PASSWORDS 151

CHAPTER 8: SECURELY ACCESSING DATABASES 185

CHAPTER 9: USING THE FILE SYSTEM 207

CHAPTER 10: SECURING XML 225

CHAPTER 11: SHARING DATA WITH WINDOWS COMMUNICATION FOUNDATION 255

CHAPTER 12: SECURING RICH INTERNET APPLICATIONS 289

CHAPTER 13: UNDERSTANDING CODE ACCESS SECURITY 315

CHAPTER 14: SECURING INTERNET INFORMATION SERVER (IIS) 329

CHAPTER 15: THIRD–PARTY AUTHENTICATION 359

CHAPTER 16: SECURE DEVELOPMENT WITH THE ASP.NET MVC FRAMEWORK 385

MVC Framework 398

INDEX 399
Note: Product cover images may vary from those shown
3 of 4

Loading
LOADING...

4 of 4
Barry Dorrans is a consultant, speaker and Microsoft MVP in the "Visual Tools Security" category. His approach to development and writing blends humor with the paranoia suitable for considering security.
Note: Product cover images may vary from those shown
5 of 4
Note: Product cover images may vary from those shown
Adroll
adroll