The ability to provide security to an application and its data is referred to here as securability. The securability of an application is impacted by numerous design choices, such as the selection of communication protocols and the method of user authentication. Most security vulnerabilities are not in security-related code. Instead, they are found in code that is unrelated to security and that was written without attention to security. This is why developers must be keenly aware of application securability.
In This Section
- Securability Overview
- Explains what application securability is and how it is measured.
- Designing for Securability
- Describes how certain design choices affect application securability.
- Testing for Securability
- Explains how to test for securability.
- Staying Secure
- Discusses the need for vigilance after deploying an application.
- Best Practices for Securability
- Provides useful implementation strategies and best practice recommendations.
- Design Goals
- Gives an introduction to six important design issues: availability, manageability, performance, reliability, scalability, and securability.
- Security Model
- Provides recommendations on choosing a security model.
- Discusses how security is implemented in the Duwamish 7.0 enterprise sample application.
- Discusses how security is implemented in the Fitch and Mather 7.0 enterprise sample application.
- Security Best Practices (Platform SDK)
- Provides detailed information about security technologies available in Windows.
- Securing Applications
- Introduces code access security, role-based security, security policy management, and security tools in the .NET Framework.
- ASP.NET Web Application Security
- Explains how ASP.NET and Internet Information Services (IIS) work together to provide Web application security.
- Key Security Concepts
- Provides detailed information about security services provided by the .NET Framework.
- A Blueprint for Building Web Sites Using the Microsoft Windows Platform
- Shows architects and decision makers how to build complex Web sites using Microsoft technologies.
- Security Ramifications for IIS Applications
- Provides an overview of the security issues faced by ASP, component, and ISAPI developers.