Building Secure Microsoft ASP.NET Applications

Overview

Building secure distributed Web applications can be challenging. It usually involves integrating several different technologies and products—yet your complete application will only be as secure as its weakest link. This guide presents a practical, scenario-driven approach to designing and building security-enhanced ASP.NET applications for Microsoft® Windows® 2000 and version 1.1 of the Microsoft .NET Framework. It focuses on the key elements of authentication, authorization, and secure communication within and across the tiers of distributed .NET Web applications.

This guide focuses on:

  • Authentication—to identify the clients of your application
  • Authorization—to provide access controls for those clients
  • Secure communication—to help ensure that messages remain private and are not altered by unauthorized parties

Who should read this guide:

Middleware developers and architects who build or plan to build .NET Web applications using ASP.NET, XML Web Services, Enterprise Services (COM+), .NET Remoting, or Microsoft ADO.NET

About “Patterns and Practices”:

Patterns & Practices contain specific recommendations illustrating how to design, build, deploy, and operate architecturally sound solutions to challenging business and technical scenarios. The technical guidance is reviewed and approved by Microsoft engineering teams, consultants, and Product Support Services, and by partners and customers.

Note: Includes complete sample on the Web.


Editorial Reviews

From Barnes & Noble
The Barnes & Noble Review
You’ve just discovered a single source for the techniques you need to secure any ASP.NET web application. Building Secure Microsoft ASP.NET Applications covers authentication, authorization, and secure communications in every tier, addressing nearly every scenario you’re likely to encounter.

Microsoft’s security specialists begin with fundamental application security principles. Some, you’re already well aware of (use defense in depth). Others may require you to rethink your approach (“Reduce surface area”: Avoid exposing information that users don’t need. “Check at the gate”: Don’t always flow a user’s security context to the back end for authorization.)

After reviewing ASP.NET’s new security model, the authors offer practical guidance for designing effective authentication and authorization systems. Should you use Active Directory for authentication, or a custom data store? How do you handle non-Windows clients and servers? When should you depend on trusted subsystems, and when not?

Next, you’ll learn how to use SSL, IPSec, and RPC Encryption to secure sensitive data across networks and the Internet; and how to protect both intranet and extranet applications against both outsiders and rogue insiders.

You’ll find detailed coverage of securing XML-based web services; systems built with .NET Remoting; and data access connections to SQL Server 2000. There’s also a full chapter on protecting .NET “Enterprise Services”: distributed transactions, object pooling, concurrency management, and other middleware functions.

The book closes with security troubleshooting, and several invaluable “How-to” chapters. Among these: authenticating SQL Server forms; securing database communications; calling web services via SSL; and using the Win32 Data Protection API.

Bill Camarda

Bill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2000 and Upgrading & Fixing Networks for Dummies, Second Edition.


Product Details

  • ISBN-13: 9780735618909
  • Publisher: Microsoft Press
  • Publication date: 2/5/2003
  • Series: Developer Reference Series
  • Edition number: 1
  • Pages: 624
  • Product dimensions: 7.46 (w) x 9.14 (h) x 1.33 (d)

Meet the Author

Founded in 1975, Microsoft® is the worldwide leader in software, services, and solutions that help people and businesses realize their full potential. Since 1988, Microsoft has been building accessibility options right into its products to enable everyone to personalize their PCs to make them easier and more comfortable to see, hear, and use.


Table of Contents

Acknowledgements

Preface

Chapter 1: Introduction

Chapter 2: Security Model for ASP.NET Applications

Chapter 3: Authentication and Authorization Design

Chapter 4: Secure Communication

Chapter 5: Intranet Security

Chapter 6: Extranet Security

Chapter 7: Internet Security

Chapter 8: ASP.NET Security

Chapter 9: Enterprise Services Security

Chapter 10: Web Services Security

Chapter 11: .NET Remoting Security

Chapter 12: Data Access Security

Chapter 13: Troubleshooting Security Issues

Appendix : Index of How Tos

Appendix : How To: Create a Custom Account to Run ASP.NET

Appendix : How To: Use Forms Authentication with Active Directory

Appendix : How To: Use Forms Authentication with SQL Server 2000

Appendix : How To: Create GenericPrincipal Objects with Forms Authentication

Appendix : How To: Implement Kerberos Delegation for Windows 2000

Appendix : How To: Implement IPrincipal

Appendix : How To: Create a DPAPI Library

Appendix : How To: Use DPAPI (Machine Store) from ASP.NET

Appendix : How To: Use DPAPI (User Store) from ASP.NET with Enterprise Services

Appendix : How To: Create an Encryption Library

Appendix : How To: Store an Encrypted Connection String in the Registry

Appendix : How To: Use Role-based Security with Enterprise Services

Appendix : How To: Call a Web Service Using Client Certificates from ASP.NET

Appendix : How To: Call a Web Service Using SSL

Appendix : How To: Host a Remote Object in a Windows Service

Appendix : How To: Set Up SSL on a Web Server

Appendix : How To: Set Up Client Certificates

Appendix : How To: Use IPSec to Provide Secure Communication Between Two Servers

Appendix : How To: Use SSL to Secure Communication with SQL Server 2000

Appendix : Base Configuration

Appendix : Configuration Stores and Tools

Appendix : Reference Hub

Appendix : How Does It Work?

Appendix : ASP.NET Identity Matrix

Appendix : Cryptography and Certificates

Appendix : .NET Web Application Security

Glossary

Appendix : Microsoft® patterns & practices
