This documentation is archived and is not being maintained.

Security Model

Visual Studio .NET 2003

Securability refers to the ability to provide security to an application and its data. Numerous design choices impact the securability of an application, such as the selection of communication protocols and the method of user authentication.

The documentation in this section covers several aspects of choosing a security model for a distributed application created using ASP.NET. When doing so, it is important to understand how decisions made in one area impact the options available in another.

This documentation does not cover every possible aspect of designing for securability, such as auditing and cryptography. For more information, see Designing for Securability.

In This Section

Access Control
Discusses the fundamentals of access control in Microsoft Windows.
IIS Authentication
Discusses the advantages and disadvantages of each IIS authentication method.
ASP.NET Authentication
Discusses the advantages and disadvantages of each ASP.NET authentication method, including interaction with IIS.
Discusses the various methods of resource authorization.
ASP.NET Impersonation
Discusses user impersonation in ASP.NET
ASP.NET Delegation
Discusses delegation of authentication in ASP.NET
ASP.NET Process Identity
Discusses how to specify the ASP.NET process identity.
Database Security
Discusses a variety of secure methods for accessing a database, particularly SQL Server.

Related Sections

Designing for Securability
Describes how the ability of an application to protect its resources impacts application design.
Introduction to Web Application Security
Provides an overview of security for Web applications, describing what types of issues you need to think about when creating Web applications in Visual Studio.
.NET Framework Security
Describes mechanisms for protecting resources and code from unauthorized code and users.
Securing Applications
Describes .NET Framework code access security, role-based security, security policy, and security tools.
ASP.NET Web Application Security
Details how to work with authorization and authentication issues in ASP.NET.
Security Namespaces in Visual Studio
Provides links to topics that support the development of security features based on .NET Framework classes.
Authentication in ASP.NET: .NET Security Guidance (
Discusses the importance of security considerations when designing a server application.