 |  | Dominick Baier Microsoft Yayınları; Belçika, 2006, 14 x 20 cm, 480 sayfa, İngilizce |
Description:
Short Description
Get hands-on, expert guidance for developing more secure Web applications with ASP.NET 2.0. This reference offers best practices and practical instruction with code samples in C# to help build applications that are more resistant to vulnerabilities.
Long Description
Get hands-on, expert guidance for developing more secure Web applications with ASP.NET 2.0 with this in-depth reference. The nature of the Web and its underlying communication protocols make Web applications harder to secure and, therefore, primary targets for hacking attacks and other kinds of compromises. This book guides you through the possible vulnerabilities of Web-based applications and shows you how to help mitigate them in your own applications. Start with the ingredients of security-enhanced Web applications from the ground up, beginning with Web server set-up, and learn how to harden that machine for a potentially hostile environment such as the Internet. Then move on to in-depth treatment of crucial topics such as how to use ASP.NET to perform proper input validation; choosing from the numerous options for authenticating and authorizing users; how to store application-related and user-related sensitive data in a secure fashion; how to incorporate detection; and error logging measures. This guide covers how to integrate ASP.NET into the Microsoft Windows® security infrastructure and how to effectively use impersonation, delegation, and Active Directory® directory service. You will also learn about new Microsoft Windows Server™ 2003 features, such as constrained delegation and protocol transition. Coverage extends to one of the most underutilized features of ASP.NET-running in partial trust. The book concludes with guidance on how to conduct audits and penetration tests and how to integrate them in the development process. Written by a leading authority and trainer, this reference comes complete with best practices based on real-world experience and extensive code samples in C#.
Positioning Statement:
In-depth reference to help developers and architects build more security-enhanced Web applications
Unique Selling Proposition:
Written by a Microsoft Visual Studio® security MVP, this in-depth reference delivers the practical, hands-on, expert guidance that developers need to develop Web applications with ASP.NET 2.0 that are more robust, reliable, and more resistant to attack.
Key Book Benefits:
Delivers practical, hands-on guidance about Web security and ASP.NET 2.0 development
Features best practices from a leading authority and trainer, based on real-world experience
Provides extensive code examples in C#
Will Sell Like:
75% of Writing Secure Code (ISBN: 0-7356-1722-8)
Target Audience:
For experienced to advanced developers and architects who want to build secure Web applications with ASP.NET, especially if the application incorporates back-end databases, sensitive data, or some form of user management. This book assumes prior knowledge of Microsoft.NET, ASP.NET, C#, and Web technologies.
About the Technology:
Microsoft Visual Studio 2005, including ASP.NET 2.0, is the latest version of this widely used development system, with numerous feature enhancements and the latest version,2.0, of the Microsoft.NET Framework. With this development package, developers have at their fingertips the ability to create powerful Windows-based applications, Web applications and services, and mobile or embedded programs, all in the same development environment. Version 2005 is not a minor change to Visual Studio: It is a significant advance, but it does not require retraining for developers already working with the.NET Framework.
About the Author(s) :
Dominick Baier splits his time consulting on software security issues with companies worldwide and leading the security curriculum at DevelopMentor, a developer training company. He is a certified BS 7799/ISO 17799 Lead Auditor and a Microsoft MVP for Visual Developer-Security. In addition, Dominick speaks at industry conferences, contributes to the German MSDN security portal, and hosts a popular blog.
Michael Howard, Series Consulting Editor, is a leading software security expert, author, and architect of security process improvement at Microsoft Corporation.
Author's Hometown:
Mannheim, Germany
Legal Statement:
© 2006 Microsoft Corporation. All rights reserved. Microsoft, Microsoft Press, Active Directory, Visual Studio, Windows, Windows Server, Windows Vista, and WinFX are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual products and companies mentioned herein may be the trademarks of their respective owners.
(Tanıtım Bülteninden)
Hiç yorum yok:
Yorum Gönder