Professional ASP.NET Security (Paperback)
Brady Gaster, Dan Kent, Doug Seven, Enrico Sabbadin, Richard Conway, Russ Basiura, Sitaraman Lakshminarayanan, Srinivasa Sivakumar
- 出版商: Wrox Press
- 定價: $1,500
- 售價: 2.7 折 $399
- 語言: 英文
- 頁數: 400
- 裝訂: Paperback
- ISBN: 1861006209
- ISBN-13: 9781861006202
-
相關分類:
.NET、ASP.NET、資訊安全
立即出貨(限量) (庫存=2)
買這商品的人也買了...
-
$2,620$2,489 -
$1,300$1,274 -
$1,560$1,482 -
$1,029Operating System Concepts, 6/e
-
$970Introduction to Algorithms, 2/e
-
$784E-Business & E-Commerce Infrastructure: Technologies Supporting the E-Business I
-
$2,010$1,910 -
$1,575$1,496 -
$1,710$1,625 -
$2,350$2,233 -
$1,340$1,273 -
$249$197 -
$1,274Computer Architecture: A Quantitative Approach, 3/e(精裝本)
-
$2,210$2,100 -
$1,090$1,068 -
$2,350$2,233 -
$1,340$1,273 -
$600$474 -
$760$600 -
$280$221 -
$480$374 -
$1,118Practical Software Engineering : Analysis and Design for the .NET Platform
-
$1,590$1,511 -
$1,270$1,207 -
$2,210$2,100
相關主題
商品描述
This book will show you how to make effective use of the security framework provided by ASP.NET.We cover the key technologies for authentication (identifying users) and authorization (controlling access to recources). We also show how we can use other ASP.NET features to keep our applications secure.
ASP.NET provides a flexible and extensible authentication framework. We present the built in options for authentication, discussing when they should be used and showing how they should be applied for maximum security. For those who have needs beyond what the standard authentication methods provide, we show how to extend and enhance them to create custom security systems.
Authorization is covered in depth. We show how to use the built in authorization system to control access to the resources that a web application exposes. We then take things further by showing how to extend the system to address more advanced authorization scenarios.
Good configuration is vital if your applications are to be secure. We explain how to configure IIS and ASP.NET so that they work together to provide good security. Even with a good authentication and authorization system, there are still many ways in which a web application can be attacked. We show how we can code ASP.NET applications to avoid the most common vulnerabilities. Code Access Security, a good way to restrict what operations code can perform, is introduced with examples that show how it can be applied.
Most of the techniques presented in the rest of the book apply just as well to web services as to browser based web applications. We also discuss some additional techniques particular to web services.
商品描述(中文翻譯)
如果您正在使用ASP.NET建立網頁應用程式或網頁服務,並且希望保持其安全性,這本書就是為您而寫的。
本書將向您展示如何有效利用ASP.NET提供的安全框架。我們涵蓋了身份驗證(識別使用者)和授權(控制對資源的訪問)的關鍵技術。我們還展示了如何使用其他ASP.NET功能來保護我們的應用程式。
ASP.NET提供了一個靈活且可擴展的身份驗證框架。我們介紹了內建的身份驗證選項,討論了何時應該使用它們,並展示了如何應用它們以獲得最大的安全性。對於那些需要超出標準身份驗證方法提供的功能的人,我們展示了如何擴展和增強它們以創建自定義安全系統。
授權方面我們進行了深入探討。我們展示了如何使用內建的授權系統來控制對網頁應用程式公開的資源的訪問。然後,我們進一步展示了如何擴展該系統以應對更高級的授權場景。
良好的配置對於確保應用程式的安全性至關重要。我們解釋了如何配置IIS和ASP.NET,使它們能夠共同提供良好的安全性。即使擁有良好的身份驗證和授權系統,網頁應用程式仍然可能受到多種攻擊方式的威脅。我們展示了如何編寫ASP.NET應用程式以避免最常見的漏洞。我們還介紹了代碼訪問安全性,這是一種限制代碼執行操作的良好方法,並提供了應用示例。
本書其餘部分介紹的大部分技術同樣適用於基於瀏覽器的網頁應用程式和網頁服務。我們還討論了一些特定於網頁服務的附加技術。