Security Guidance for .NET Framework 2.0

From Mynoteswiki.com

Summary

The purpose of this project is to provide world-class security guidance for .NET Framework 2.0 centered around thre following key themes:

• Security engineering
• Application scenarios
• Technical guidance
• Tools integration

Security engineering represents the set of life-cycle activities proven to produce more secure software. Application scenarios represent end-to-end guidance for building and deploying secure software in common user scenarios. Technical guidance represents precise, context-specific guidance to solve particular engineering problems.

Key Links

• MSDN Home: http://msdn2.microsoft.com/en-us/library/ms954725.aspx
• Channel9 Wiki: http://channel9.msdn.com/wiki/default.aspx/SecurityWiki.SecurityGuidanceForNETv2AboutThisProject

Contents At a Glance

Guidelines

• Security Guidelines: .NET Framework 2.0
• Security Guidelines: ADO.NET 2.0
• Security Guidelines: ASP.NET 2.0

Checklists

• Security Checklist: .NET Framework 2.0
• Security Checklist: ADO.NET 2.0
• Security Checklist: ASP.NET 2.0

Practices at a Glance

• Security Practices: .NET Framework 2.0 Security Practices at a Glance
• Security Practices: ASP.NET 2.0 Security Practices at a Glance

How Tos

• How To: Configure the Machine Key in ASP.NET 2.0
• How To: Connect to SQL Server Using SQL Authentication in ASP.NET 2.0
• How To: Connect to SQL Server Using Windows Authentication in ASP.NET 2.0
• How To: Create a Service Account for an ASP.NET 2.0 Application
• How To: Encrypt Configuration Sections in ASP.NET 2.0 Using DPAPI
• How To: Encrypt Configuration Sections in ASP.NET 2.0 Using RSA
• How To: Improve Security When Hosting Multiple Applications in ASP.NET 2.0
• How To: Instrument ASP.NET 2.0 Applications for Security
• How To: Prevent Cross-Site Scripting in ASP.NET
• How To: Protect Forms Authentication in ASP.NET 2.0
• How To: Protect From Injection Attacks in ASP.NET
• How To: Protect From SQL Injection in ASP.NET
• How To: Use ADAM for Roles in ASP.NET 2.0
• How To: Use Authorization Manager (AzMan) with ASP.NET 2.0
• How To: Use Code Access Security in ASP.NET 2.0
• How To: Use Forms Authentication with Active Directory in ASP.NET 2.0
• How To: Use Forms Authentication with Active Directory in Multiple Domains in ASP.NET 2.0
• How To: Use Forms Authentication with SQL Server in ASP.NET 2.0
• How To: Use Health Monitoring in ASP.NET 2.0
• How To: Use Impersonation and Delegation in ASP.NET 2.0
• How To: Use Medium Trust in ASP.NET 2.0
• How To: Use Membership in ASP.NET 2.0
• How To: Use the Network Service Account to Access Resources in ASP.NET
• How To: Use Protocol Transition and Constrained Delegation in ASP.NET 2.0
• How To: Use Regular Expressions to Constrain Input in ASP.NET
• How To: Use Role Manager in ASP.NET 2.0
• How To: Use Windows Authentication in ASP.NET 2.0