Dorrans, Barry
Beginning ASP.NET Security
Beginning ASP.NET 3.5 Security is geared for novice to intermediate ASP.NET programmers who wish to protect and defend their web sites against attack and exploitation. Beginning with a discussion of why we need security and the things that may occur when it is ignored and an overview of how ASP.NET works, readers are taken through the common steps in developing a web site, the security problems each area exposes and how these can be exploited. Visual Studio Security MVP Barry Dorrans teaches readers how they can defend their applications using the standard .NET framework, industry patterns and best practices, code libraries and resources provided by Microsoft and others.
The book is divided into sections including:
- Accepting user input including validation, canonicalization and cross site scripting (XSS)
- Using databases securely including SQL injection attacks and how to securely access your database.
- Keeping secrets including encryption, hashing and how not to leak information
- Authenticating and authorizing including the ASP.NET membership providers, securing sessions and cookie theft.
- Securing the web server including how ASP.NET uses trust levels and how IIS can be security
- Securing web services including WCF and ASMX web services
- Securing the Microsoft ASP.NET Ajax framework
- Thinking securely including an introduction to threat modeling.
Beginning ASP.NET 3.5 Security provides a step by step solution to securing each area of ASP.NET development by providing a practical approach and providing references to examples of web sites that have suffered the exploits and additional material which will inspire readers to investigate and learn more. Readers can check their learning through exercise questions.
Avainsanat: ASP.NET framework, web security, programmer's guide to web security, programming books, web application security, securing web sites, securing online databases, developing secure web sites, designing secure applications with ASP.NET
- Tekijä(t)
- Dorrans, Barry
- Julkaisija
- John Wiley and Sons, Inc.
- Julkaisuvuosi
- 2010
- Kieli
- en
- Painos
- 1
- Sivumäärä
- 436 sivua
- Kategoria
- Tietotekniikka, tietoliikenne
- Tiedostomuoto
- E-kirja
- eISBN (ePUB)
- 9780470970157
- Painetun ISBN
- 9780470743652
