- ホーム
- > 洋書
- > 英文書
- > Internet / Web Programming
Full Description
ProgrammersASP.NET, but if you don't understand how to secure your applications, you need this book. This vital guide explores the often-overlooked topic of teaching programmers how to design ASP.NET Web applications so as to prevent online thefts and security breaches.You'll start with a thorough look at ASP.NET 3.5 basics and see happens when you don't implement security, including some amazing examples. The book then delves into the development of a Web application, walking you through the vulnerable points at every phase. Learn to factor security in from the ground up, discover a wealth of tips and industry best practices, and explore code libraries and more resources provided by Microsoft and others.* Shows you step by step how to implement the very latest security techniques * Reveals the secrets of secret-keeping--encryption, hashing, and not leaking information to begin with * Delves into authentication, authorizing, and securing sessions * Explains how to secure Web servers and Web services, including WCF and ASMX * Walks you through threat modeling, so you can anticipate problems * Offers best practices, techniques, and industry trends you can put to use right awayDefend and secure your ASP.NET 3.5 framework Web sites with this must-have guide.
Contents
ACKNOWLEDGMENTS xi INTRODUCTION xxi CHAPTER 11 CHAPTER 2: HOW THE WEB WORKS 15 CHAPTER 3: SAFELY ACCEPTING USER INPUT 39 CHAPTER 4: USING QUERY STRINGS, FORM FIELDS, EVENTS, AND BROWSER INFORMATION 65 CHAPTER 5: CONTROLLING INFORMATION 87 CHAPTER 6: KEEPING SECRETS SECRET HASHING AND ENCRYPTION 117 CHAPTER 7: ADDING USERNAMES AND PASSWORDS 151 CHAPTER 8: SECURELY ACCESSING DATABASES 185 CHAPTER 9: USING THE FILE SYSTEM 207 CHAPTER 10: SECURING XML 225 CHAPTER 11: SHARING DATA WITH WINDOWS COMMUNICATION FOUNDATION 255 CHAPTER 12: SECURING RICH INTERNET APPLICATIONS 289 CHAPTER 13: UNDERSTANDING CODE ACCESS SECURITY 315 CHAPTER 14: SECURING INTERNET INFORMATION SERVER (IIS) 329 CHAPTER 15: THIRD-PARTY AUTHENTICATION 359 CHAPTER 16: SECURE DEVELOPMENT WITH THE ASP.NET MVC FRAMEWORK 385 MVC Framework 398 INDEX 399
