Building Secure ASP.NET Applications: Authentication, Authorization, and Secure Communication
| Retired Content |
|---|
This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This page may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist. |
.png "patterns & practices Developer Center")
.NET Web Application Security
J.D. Meier, Alex Mackman, Michael Dunner, and Srinath Vasireddy
Microsoft Corporation
Published: November 2002
Last Revised: January 2006
Applies to:
- Microsoft® ASP.NET
See the "patterns & practices Security Guidance for Applications Index" for links to additional security resources.
See the Landing Page for the starting point and a complete overview of Building Secure ASP.NET Applications.
Summary: This section provides a visual representation of authentication, authorization, and secure communication across the tiers of a typical ASP.NET application. (3 printed pages)
The technologies that fall under the umbrella of the .NET security framework include:
- IIS
- ASP.NET
- Enterprise Services
- Web services
- .NET Remoting
- SQL Server™
These are illustrated in Figure 1.
.gif "Ff649291.fa2sn01(en-us,PandP.10).gif")
Figure 1. The .NET Web application security framework
| Retired Content |
|---|
This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This page may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist. |