Building Secure ASP.NET Applications

* Online on MSDN: http://msdn.microsoft.com/library/en-us/dnnetsec/html/secnetlpMSDN.asp

Front Matter

* At a Glance: http://msdn.microsoft.com/library/en-us/dnnetsec/html/SecNetglance.asp
* Introduction: http://msdn.microsoft.com/library/en-us/dnnetsec/html/SecNetch01.asp

Chapters

* Ch 1 - Security Model for ASP.NET Applications: http://msdn.microsoft.com/library/en-us/dnnetsec/html/SecNetch02.asp
* Ch 2 - Authentication and Authorization: http://msdn.microsoft.com/library/en-us/dnnetsec/html/SecNetch03.asp
* Ch 3 - Secure Communication: http://msdn.microsoft.com/library/en-us/dnnetsec/html/SecNetch04.asp
* Ch 4 - Intranet Security: http://msdn.microsoft.com/library/en-us/dnnetsec/html/SecNetch05.asp
* Ch 5 - Extranet Security: http://msdn.microsoft.com/library/en-us/dnnetsec/html/SecNetch06.asp
* Ch 6 - Internet Security: http://msdn.microsoft.com/library/en-us/dnnetsec/html/SecNetch07.asp
* Ch 7 - ASP.NET Security: http://msdn.microsoft.com/library/en-us/dnnetsec/html/SecNetch08.asp
* Ch 8 - Enterprise Services Security: http://msdn.microsoft.com/library/en-us/dnnetsec/html/SecNetch09.asp
* Ch 9 - Web Services Security: http://msdn.microsoft.com/library/en-us/dnnetsec/html/SecNetch10.asp
* Ch 10 - .NET Remoting Security: http://msdn.microsoft.com/library/en-us/dnnetsec/html/SecNetch11.asp
* Ch 11 - Data Access Security: http://msdn.microsoft.com/library/en-us/dnnetsec/html/SecNetch12.asp
* Ch 12 - Troubleshooting Security Issues: http://msdn.microsoft.com/library/en-us/dnnetsec/html/SecNetch13.asp

How Tos

* How To: Create a Custom Account To Run ASP.NET
* How To: Use Forms Authentication with Active Directory
* How To: Use Forms Authentication with SQL Server 2000
* How To: Create Objects with Forms Authentication
* How To: Implement Kerberos Delegation for Windows 2000
* How To: Implement IPrincipal
* How To: Create a DPAPI Library
* How To: Use DPAPI (Machine Store) from ASP.NET
* How To: Use DPAPI (User Store) from ASP.NET with Enterprise Services
* How To: Create an Encryption Library
* How To: Store an Encrypted Connection String in the Registry
* How To: Use Role-based Security with Enterprise Services
* How To: Call a Web Service Using Client Certificates from ASP.NET
* How To: Call a Web Service Using SSL
* How To: Host a Remote Object in a Windows Service
* How To: Setup SSL on a Web Server
* How To: Setup Client Certificates
* How To: Use to Provide Secure Communication Between Two Servers
* How To: Use SSL to Secure Communication with SQL Server 2000

Reference

* Base Configuration: http://msdn.microsoft.com/library/en-us/dnnetsec/html/SecNetAP01.asp
* Configuration Stores and Tools: http://msdn.microsoft.com/library/en-us/dnnetsec/html/SecNetAP02.asp
* Reference Hub: http://msdn.microsoft.com/library/en-us/dnnetsec/html/SecNetAP03.asp
* How Does It Work?: http://msdn.microsoft.com/library/en-us/dnnetsec/html/SecNetAP04.asp
* ASP.NET Identity Matrix: http://msdn.microsoft.com/library/en-us/dnnetsec/html/SecNetAP05.asp
* Cryptography and Certificates: http://msdn.microsoft.com/library/en-us/dnnetsec/html/SecNetAP06.asp
* .NET Web Application Security: http://msdn.microsoft.com/library/en-us/dnnetsec/html/SecNetAP07.asp
* Glossary: http://msdn.microsoft.com/library/en-us/dnnetsec/html/SecNetAPgl.asp

---

Return to PatternsAndPracticesSecurityWiki