Présentation de l'éditeur
You may know ASP.NET, but if you don't understand how to secure your applications, you need this book. This vital guide explores the often-overlooked topic of teaching programmers how to design ASP.NET Web applications so as to prevent online thefts and security breaches.
You'll start with a thorough look at ASP.NET 3.5 basics and see happens when you don't implement security, including some amazing examples. The book then delves into the development of a Web application, walking you through the vulnerable points at every phase. Learn to factor security in from the ground up, discover a wealth of tips and industry best practices, and explore code libraries and more resources provided by Microsoft and others.
- Shows you step by step how to implement the very latest security techniques
- Reveals the secrets of secret-keeping—encryption, hashing, and not leaking information to begin with
- Delves into authentication, authorizing, and securing sessions
- Explains how to secure Web servers and Web services, including WCF and ASMX
- Walks you through threat modeling, so you can anticipate problems
- Offers best practices, techniques, and industry trends you can put to use right away
Defend and secure your ASP.NET 3.5 framework Web sites with this must-have guide.
Quatrième de couverture
Beginning ASP.NET Security is for novice to intermediate ASP.NET programmers and provides a step–by–step solution to securing each area of ASP.NET development. Rather than approaching security from a theoretical direction, MVP Barry Dorrans shows you examples of how everyday code can be attacked, and describes the steps necessary for defense. Inside, you ll learn how you can defend your ASP.NET applications using the .NET framework, industry patterns and best practices, code libraries and resources provided by Microsoft and others.
Beginning ASP.NET Security:
Explores issues with user input including validation, cross–site scripting (XSS) and cross–site request forgery (CSRF)
Teaches how to securely access your database and defend against SQL injection attacks
Shares techniques for keeping secrets, including encryption, hashing and preventing information leaks
Examines methods for authenticating and authorizing users, including ASP.NET membership providers and preventing cookie theft
Shares tips for securing your web server, including how ASP.NET uses trust levels and locking down IIS
Unveils ways to securely use WCF web services
Presents security with the Microsoft ASP.NET Ajax framework and Silverlight
Includes an overview of security with the Microsoft MVC framework
Wrox Beginning guides are crafted to make learning programming languages and technologies easier than you think, providing a structured, tutorial format that will guide you through all the techniques involved.
Join our Programmer to Programmer forums to ask and answer programming questions about this book, join discussions on the hottest topics in the industry, and connect with fellow programmers from around the world.
Take advantage of free code samples from this book, as well as code samples from hundreds of other books, all ready to use.
Find articles, ebooks, sample chapters and tables of contents for hundreds of books, and more reference resources on programming topics that matter to you.