資源描述:
《hacking the code asp web application security cookbook外語(yǔ)英文電子書(shū)》由會(huì)員上傳分享���,免費(fèi)在線閱讀���,更多相關(guān)內(nèi)容在教育資源-天天文庫(kù)����。
1���、MoreFreeEbook:http://www.latestebook.comHackingtheCode:ASP.NETWebApplicationSecurityby?MarkM.Burnett?and?JamesC.FosterISBN:1932266658SyngressPublishing?2004Thisuniquebookwalksyouthroughthemanythreatstoyourwebapplicationcode,frommanagingandauthorizingusersandencryptingprivatedatatof
2、ilteringuserinputandsecuringXML.TableofContentsHackingtheCodeASP.NETWebApplicationSecurityChapter1-ManagingUsersChapter2-AuthenticatingandAuthorizingUsersChapter3-ManagingSessionsChapter4-EncryptingPrivateDataChapter5-FilteringUserInputChapter6-AccessingDataChapter7-DevelopingSecur
3�����、eASP.NETApplicationsChapter8-SecuringXMLAppendixA-Understanding.NETSecurityAppendixB-GlossaryofWebApplicationSecurityThreatsIndexListofFiguresListofTablesListofSidebarsMoreFreeEbook:http://www.latestebook.comMoreFreeEbook:http://www.latestebook.comBackCoverThisuniquebookwalksyouthr
4��、oughthemanythreatstoyourwebapplicationcode,frommanagingandauthorizingusersandencryptingprivatedatatofilteringuserinputandsecuringXML.Foreverydefinedthreat,itprovidesamenuofsolutionsandcodingconsiderations.And,itofferscodingexamplesandasetofsecuritypoliciesforeachofthecorrespondingt
5��、hreats.Knowthethreatstoyourapplications:Developsecurepasswordpoliciesandsecurelymanageuserpasswordsinyourwebapplication.Establishasecureprocedureforresettinglostorforgottenpasswordsanddiscoverhowtoproperlyusesecretquestionsinthatprocess.Securelyauthenticateandauthorizeusers,takinga
6�����、dvantageoftheadvancedcapabilitiesinASP.NET.Limitexposuretocredentialharvestingandbruteforcepasswordattacks.Securelymanageusersessionsandlearnhowtocreatestronguserauthenticationtokens.Workwiththebuilt-instateprovidersandsecurelyimplementviewstateinyourforms.Makesenseoftheextensiveen
7���、cryptionfeaturesinASP.NETandemploysymmetricandasymmetricencryptionforsensitivedata.Properlyencryptandstoresecretstotheregistry,afile,ortheprotectedstore.FilteruserinputtopreventfromSQLinjection,directorytraversal,cross-sitescriptingandotherapplication-levelattacks.Applytechniquessu
8��、chaspatternmatchinganddata
