Đang chuẩn bị liên kết để tải về tài liệu:
Best Practices and Techniques for Building Secure Microsoft® ASP.NET Applications

Web application security is more important than ever. Ensure that security is a consideration in application design. Creating secure Web applications is a series of complex tasks. Promote best techniques for security | Joe Stagner Developer Community Champion Microsoft Corporation JoeStag@Microsoft.com www.ManagedCode.com Best Practices and Techniques for Building Secure Microsoft® ASP.NET Applications So Why This Presentation? Web application security is more important than ever Ensure that security is a consideration in application design Creating secure Web applications is a series of complex tasks Promote best techniques for security Let developers know about new resources available msdn.microsoft.com/library/en-us/dnnetsec/html/ThreatCounter.asp What We Will Cover Why Web application security? Planning for Web application security Authentication and authorization strategies Using the ASP.NET process identity Secure communication Securing secrets and state information Session Prerequisites Level 200 Familiarity with Microsoft® Windows® management tools Familiarity with IIS Management Console C# and ASP.NET coding experience Familiarity with Microsoft® Visual Studio® .NET Basic understanding of Web application security issues Demonstrations Configuring IIS for SSL Configuring ASP.NET Security Using forms authentication with Microsoft® SQL Server™ Creating a GenericPrincipal object for roles-based authorization Before We Start ! SSL IS NOT WEB APPLICATION SECURITY Required Reading Secure Development Agenda Planning for ASP.NET application security Configuring security Programming security Securing secrets ASP.NET process identity Impersonation Accessing resources Securing state information Web farm considerations Securing all tiers Planning for ASP.NET Web Application Security Authentication and Authorization Authentication / authorization request flow Planning for ASP.NET Web Application Security Authentication and Authorization Identify resources exposed to client Identify resource for app Choose authorization strategy Role-based Resource-based Planning for ASP.NET Web Application Security . | Joe Stagner Developer Community Champion Microsoft Corporation JoeStag@Microsoft.com www.ManagedCode.com Best Practices and Techniques for Building Secure Microsoft® ASP.NET Applications So Why This Presentation? Web application security is more important than ever Ensure that security is a consideration in application design Creating secure Web applications is a series of complex tasks Promote best techniques for security Let developers know about new resources available msdn.microsoft.com/library/en-us/dnnetsec/html/ThreatCounter.asp What We Will Cover Why Web application security? Planning for Web application security Authentication and authorization strategies Using the ASP.NET process identity Secure communication Securing secrets and state information Session Prerequisites Level 200 Familiarity with Microsoft® Windows® management tools Familiarity with IIS Management Console C# and ASP.NET coding experience Familiarity with Microsoft® Visual Studio® .NET .