OSEC

Gal.Rozov_at_eAladdin.com
Date: Sun Aug 25 2002 - 03:53:15 CDT

    Hi all,
    I wondered if any of you have read or know of a site or a good book on how to
    write and implement good security policies and methodologies with MS
    architecture.
    I've read "Designing Secure web based applications" from MSPress and was a
    little disappointed with it.

    I'm looking for more details and even real case studies on
    ASP/Com+/SQLXML/SQL Server 2000 technologies.
    The problem that arises from these technologies comes from the fact that you
    have multiple places of authentication and authorization to use or
    implement, and we want a simple-to-manage solution for our web apps (yet
    very secure).

    We thought of using AD as an LDAP directory in conjunction with SSL client
    certificates to implement the role based management and authentication.

    Another thing is how to write the ASP code so that SQL injections and other
    data manipulation techniques won't work.

    How about .Net, is it stable and secure enough? We don't plan on moving
    to it soon (mainly because of the staff training that needs to be undergone), at
    least not for our Internet Web Apps.

    I'd be glad of your remarks, opinions and implementations.

    Have a great day.

    Gal Rozov,
    MIS- Developer.

    Aladdin. Securing the Global Village.
    P.O. Box 11141, Tel Aviv 61110 Israel
    Tel: +972 3 636-2222; Fax: +972 3 537-5796
    Visit us at our Web site! http://www.eAladdin.com

    Aladdin supports Idealist. Visit http://www.idealist.org