Search - Articles
DevASP.NET for ASP.NET, VB.NET, XML and C# (C-Sharp) Developers Tuesday, March 03, 2009
Dev Articles
Search Directory
ASP.NET
VB.Net
C-Sharp
SQL Server
 


Home >Search > Knowledge Base > ASP.Net > Security & Encryption


Search:
What's New - What's Hot
How To: Create an Encryption Library     
Total Hits: 225  |  Today: 0Author: J.D. Meier, Alex Mackman, Michael Dunner, and Srin      Rating:  
Read Reviews | Write Review |  Your Rating: 

This How To shows you how to create a managed class library to provide encryption functionality for applications. It allows an application to choose the encryption algorithm. Supported algorithms include DES, Triple DES, RC2, and Rijndael....

INFO: Deploy an Enterprise Security Policy Before You Install the .NET Framework     
Total Hits: 161  |  Today: 0Author: Microsoft      Rating:  
Read Reviews | Write Review |  Your Rating: 

This article discusses information about deploying a Microsoft .NET Framework enterprise security policy before you install the .NET Framework. This article also describes issues that you may experience when you install the .NET Framework with a restrictive enterprise security policy....

SSL Termination and ASP.NET     
Total Hits: 191  |  Today: 0Author: Microsoft      Rating:  
Read Reviews | Write Review |  Your Rating: 

Welcome to the ASP.NET Support Voice column! My name is Jerry Orman. I have been with Microsoft for over five years, and have spent most of my time focused on Web-related technologies such as Microsoft FrontPage and Microsoft SharePoint Products and Technologies. I've spent the last year working with Microsoft ASP.NET as a support engineer. This month, I'm going to talk about SSL Termination and ASP.NET. In particular, I want to focus on issues that result from a configuration of the server. We'...

How To: Use Role-based Security with Enterprise Services     
Total Hits: 152  |  Today: 0Author: J.D. Meier, Alex Mackman, Michael Dunner, and Srin      Rating:  
Read Reviews | Write Review |  Your Rating: 

Enterprise Services (COM+) provides roles for authorization purposes. This How To shows you how to create and configure a serviced component for method-level role-based security....

How To: Use DPAPI (Machine Store) from ASP.NET     
Total Hits: 151  |  Today: 0Author: J.D. Meier, Alex Mackman, Michael Dunner, and Srin      Rating:  
Read Reviews | Write Review |  Your Rating: 

This How To shows you how to use DPAPI from an ASP.NET Web application or Web service to encrypt sensitive data. Web applications often need to store security-sensitive data, such as database connection strings and service account credentials in application configuration files. For security reasons, this type of information should never is stored in plain text and should always be encrypted prior to storage. This How To describes how to use DPAPI from ASP.NET. This includes ASP.NET Web applicati...

ASP.NET Forms Authentication – Best Practices for Software Developers     
Total Hits: 256  |  Today: 0Author: Rudolph Araujo      Rating:  
Read Reviews | Write Review |  Your Rating: 

ASP.NET does an excellent job of providing out of the box support for multiple forms of authentication using the classes in System.Web.Security namespace. In v1.1 of the framework, there exists support for forms-based, Microsoft Passport based and Integrated Windows (or NTLM) based authentication. These are intended to provide developers with easy access to an intuitive API which they can use to add authentications features to their own applications without having to reinvent it from scratch. As...

How To: Use SSL to Secure Communication with SQL Server 2000     
Total Hits: 285  |  Today: 0      Rating:  
Read Reviews | Write Review |  Your Rating: 

It is often vital for applications to be able to secure the data passed to and from a SQL Server database server. With SQL Server 2000, you can use SSL to create an encrypted channel. This How To shows you how to install a certificate on the database server, configure SQL Server for SSL and to verify that the channel is secure. You can use the Secure Sockets Layer (SSL) protocol to secure the communication link between clients (direct callers) and Microsoft® SQL Server™ 2000. When you configure ...

How To: Use IPSec to Provide Secure Communication Between Two Servers     
Total Hits: 172  |  Today: 0Author: J.D. Meier, Alex Mackman, Michael Dunner, and Srin      Rating:  
Read Reviews | Write Review |  Your Rating: 

IPSec is a technology provided by Windows 2000 that allows you to create encrypted channels between two servers. IPSec can be used to filter IP traffic and to authenticate servers. This How To shows you how to configure IPSec to provide a secure (encrypted) channel. Internet Protocol Security (IPSec) can be used to secure the data sent between two computers, such as an application server and a database server. IPSec is completely transparent to applications because encryption, integrity and auth...

How To: Store an Encrypted Connection String in the Registry     
Total Hits: 418  |  Today: 0Author: J.D. Meier, Alex Mackman, Michael Dunner, and Srin      Rating:  
Read Reviews | Write Review |  Your Rating: 

Applications may choose to store encrypted data such as connection strings and account credentials in the Windows registry. This How To shows you how to store and retrieve encrypted strings in the registry. The registry represents one possible location for an application to store database connection strings. Although individual registry keys can be secured with Windows access control lists (ACLs), for added security you should store encrypted connection strings. This How To describes how to stor...

How To: Implement Iprincipal     
Total Hits: 642  |  Today: 0Author: J.D. Meier, Alex Mackman, Michael Dunner, and Srin      Rating:  
Read Reviews | Write Review |  Your Rating: 

This How To shows you how to create a custom principal object that provides extended role-based functionality that can be used for .NET authorization. The .NET Framework provides the WindowsPrincipal and GenericPrincipal classes, which provide basic role-checking functionality for Windows and non-Windows authentication mechanisms respectively. Both classes implement the IPrincipal interface. To be used for authorization, ASP.NET requires that these objects are stored in HttpContext.User. For Win...

How To: Protect From Injection Attacks in ASP.NET     
Total Hits: 182  |  Today: 0Author: Microsoft Corporation      Rating:  
Read Reviews | Write Review |  Your Rating: 

This How To shows how you can validate input to protect your application from injection attacks. Performing input validation is essential because almost all application-level attacks contain malicious input. You should validate all input, including form fields, query string parameters, and cookies to protect your application against malicious command injection. Assume all input to your Web application is malicious, and make sure that you use server validation for all sources of input. Use client...

HOW TO: Check the Windows Identity in a Client Application in Windows .NET Framework (Q301256)     
Total Hits: 460  |  Today: 0Author: MSDN      Rating:  
Read Reviews | Write Review |  Your Rating: 

This article demonstrates how to use the classes in the System.Security.Principal namespace to check the user's Microsoft Windows user name and group memberships from a client application....

INFO: ASP.NET Security Overview (Q306590)     
Total Hits: 298  |  Today: 0Author: MSDN      Rating:  
Read Reviews | Write Review |  Your Rating: 

ASP.NET gives you more control to implement security for your application. ASP.NET security works in conjunction with Microsoft Internet Information Server (IIS) security and includes authentication and authorization services to implement the ASP.NET security model. ASP.NET also includes a role-based security feature that you can implement for both Microsoft Windows and non-Windows user accounts....

INFO: Implementing Impersonation in an ASP.NET Application (Q306158)      
Total Hits: 420  |  Today: 0Author: MSDN      Rating:  
Read Reviews | Write Review |  Your Rating: 

This article describes different ways to implement impersonation in an ASP.NET application....

HOW TO: Secure an ASP.NET Application by Using Windows Security (Q315736)      
Total Hits: 394  |  Today: 0Author: MSDN      Rating:  
Read Reviews | Write Review |  Your Rating: 

ASP.NET can be used together with Microsoft Internet Information Services (IIS) to authenticate Web users based on their Microsoft Windows 2000 user account credentials. The ASP.NET execution engine can also be configured to impersonate Web users, or to use its own Windows identity when it accesses resources such as databases or Files....

HOW TO: Implement Role-Based Security with Forms-Based Authentication in Your ASP.NET Application by Using Visual Basic .NET (Q306238)     
Total Hits: 1207  |  Today: 0      Rating:  
Read Reviews | Write Review |  Your Rating: 

This article describes how to implement role-based security in an ASP.NET application that implements forms-based authentication using Visual Basic .NET....

How To: Use DPAPI (User Store) from ASP.NET with Enterprise Services     
Total Hits: 144  |  Today: 0Author: J.D. Meier, Alex Mackman, Michael Dunner, and Srin      Rating:  
Read Reviews | Write Review |  Your Rating: 

This How To shows you how to use DPAPI from an ASP.NET Web application or service to encrypt sensitive data. This How To uses DPAPI with the user store, which requires the use of an out of process Enterprise Services component. Web applications often need to store security-sensitive data, such as database connection strings and service account credentials in application configuration files. For security reasons, this type of information should never is stored in plain text and should always be e...

How To: Create a DPAPI Library     
Total Hits: 151  |  Today: 0Author: J.D. Meier, Alex Mackman, Michael Dunner, and Srin      Rating:  
Read Reviews | Write Review |  Your Rating: 

This How To shows you how to create a managed class library that exposes DPAPI functionality to applications that want to encrypt data, for example, database connection strings and account credentials. Web applications often need to store security sensitive data, such as database connection strings and service account credentials in application configuration files. For security reasons, this type of information should never be stored in plain text and should always be encrypted prior to storage....

How To: Create GenericPrincipal Objects with Forms Authentication     
Total Hits: 220  |  Today: 0Author: J.D. Meier, Alex Mackman, Michael Dunner, and Srin      Rating:  
Read Reviews | Write Review |  Your Rating: 

This How To shows you how to create and handle GenericPrincipal and FormsIdentity objects when using Forms authentication. Applications that use Forms authentication will often want to use the GenericPrincipal class (in conjunction with the FormsIdentity class), to create a non-Windows specific authorization scheme, independent of a Windows domain....

How To: Use Forms Authentication with SQL Server 2000     
Total Hits: 264  |  Today: 0      Rating:  
Read Reviews | Write Review |  Your Rating: 

This How To shows you how to implement Forms authentication against a SQL Server credential store. It also shows you how to store password digests in the database. This How To shows you how to implement Forms authentication against a SQL Server credential store. It also shows you how to store password digests in the database....



Disclaimer - Privacy
© 2002-2017 DevASP.net