ASP.NET Security Roadmap
This ASP.NET Security section includes topics that show you how to improve the security of a Web site or Web project. The topics in this section provide information and code examples that illustrate security methods for ASP.NET Web sites and Web projects. The topics include information about how to mitigate common security threats, how to protect resources in a Web application, and about how to authenticate and authorize individual users.
Note
There are many threats and countermeasures to apply when you secure an ASP.NET application. We strongly recommend that you review and apply the guidance and checklists provided in the articles Improving Web Application Security: Threats and Countermeasures and Building Secure ASP.NET Applications: Authentication, Authorization, and Secure Communication on the Microsoft Patterns and Practices Web site.
Getting started |
|
Common security threats and their mitigation |
|
Security architecture |
|
Authentication (obtaining identification credentials) |
|
Authorization (controlling access to resources) |
|
ASP.NET impersonation |
|
Encrypting connection strings and other configuration information |
|
Guarding against scripting exploits |
|
Securing data connections |
|
Securing hosted Web sites |
|
Locking down an ASP.NET Web site |
|
Best Practices How-to topics |
|
Performing a security review |
|
Security videos (All videos are on external Web sites.) |
See Also
Concepts
Other Resources
Learning ASP.NET 3.5, Second Edition: Build Web Applications with ASP.NET 3.5, AJAX, LINQ, and More
C# 3.0 Cookbook, Third Edition: More than 250 solutions for C# 3.0 programmers
Change History
Date |
History |
Reason |
---|---|---|
July 2008 |
Added topic. |
SP1 feature change. |