Improving Web Application Security: Threats and Countermeasures

Related Microsoft patterns & practices Guidance

• Building Secure ASP.NET Applications: Authentication, Authorization, and Secure Communication on the MSDN Web site at http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/secnetlpMSDN.asp .

  This guide focuses on the key elements of authentication, authorization, and secure communication within and across the tiers of distributed .NET Web applications. It is written for architects and developers.

• Designing Application-Managed Authorization on the MSDN Web site at http://msdn.microsoft.com/library/?url=/library/en-us/dnbda/html/damaz.asp .

  This guide focuses on common authorization tasks and scenarios, and it provides information that helps you choose the best approaches and techniques. It is written for architects and developers.

• Microsoft Solution for Securing Windows 2000 Server on the Microsoft Technet Web site at http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/prodtech/windows/secwin2k/default.asp .

  This guide delivers procedures and best practices for system administrators to lock down their Windows 2000-based servers and maintain secure operations once they're up and running. It is written for IT Pros.

More Information

For more information on patterns and practices , refer to the Microsoft patterns & practices home page at http://msdn.microsoft.com/practices/ .