Building Secure Microsoft ASP.NET Applications (Pro-Developer) (Paperback)

~ Microsoft Corporation (Author) "Building secure distributed Web applications is challenging..." (more)
Key Phrases: custom data store, trusted subsystem model, principal permission demands, Enterprise Services, Active Directory, Visual Studio (more...)

Editorial Reviews

Product Description

This guide presents a practical, scenario-driven approach to designing and building security-enhanced ASP.NET applications for Microsoft® Windows® 2000 and version 1.1 of the Microsoft .NET Framework.

Product Details

• Paperback: 624 pages
• Publisher: Microsoft Press; 1 edition (February 1, 2003)
• Language: English
• ISBN-10: 0735618909
• ISBN-13: 978-0735618909
• Product Dimensions: 8.9 x 7.4 x 1.4 inches
• Shipping Weight: 2.3 pounds (View shipping rates and policies)
• Average Customer Review: 4.3 out of 5 stars  See all reviews (3 customer reviews)
• Amazon.com Sales Rank: #312,416 in Books (See Bestsellers in Books)

  Popular in these categories: (What's this?)

  #28 in	Books > Computers & Internet > Security & Encryption > Windows Security
  #57 in	Books > Computers & Internet > Microsoft > Development > .NET
  #69 in	Books > Computers & Internet > Web Development > Programming > ASP

Customer Reviews

Most Helpful Customer Reviews

16 of 16 people found the following review helpful:

4.0 out of 5 stars Wow. MS is certainly an unusual source of security info..., December 13, 2003

By	Douglas J. Reilly (Brick, NJ USA) - See all my reviews (REAL NAME)

However, this is overall a good book on the subject.

While MS may not seem like the best source for security information, this really is a good book. Unlike the person ranting in another review, I personally don't care whether Bill Gates and MS is good or evil, or whether the security initiative at MS is a hoax or an honest effort. I care if this book can help me create a better, more secure ASP.NET application. And in that is is a success.

4 stars rather than 5 because the book is a little dry, and not exactly a page turner. However, there are things in here (like the section on hashing passwords) that will really make a difference in the security of your application.

15 of 15 people found the following review helpful:

4.0 out of 5 stars Worthy Purchase, January 7, 2004

By	Matt Brown (Woodbury, Minnesota) - See all my reviews

I agree with most of the reviews on this page. Regardless of Microsoft's current/past practices (which have absolutely nothing to do with the credibility of THIS book), it gives a good background on security in many situations. The part I found most helpful were the 'How To's' sections. There are good real world examples that are straight to the point and easy to comprehend. I code in C# w/SQL Server and all examples in this book use that combination; PERFECT FIT!

I would of bought this book just for the 'How To's' on hashing passwords and implementing roles with IPrincipal.

11 of 11 people found the following review helpful:

5.0 out of 5 stars Good Prescriptive Guidance, December 1, 2003

By A Customer

The Patterns and Practices Series represents the bridge between known best practices and applications. Busy application developers are frequently tasked with building complex and secure system, and at the same time, are required to operate with limited resources and time. This series, and ASP.NET Security specifically, give good prescriptive guidance for a large number of common application scenarios. The how-to sections are exceeding valuable. Check out other books in this series and you will find lots of good guidance to jump start development on the MS platform.