Chapter 2. Security Model for ASP.NET Applications
This chapter introduces .NET Web application security. It provides an overview of the security features and services that span the tiers of a typical .NET Web application. It also introduces .NET Framework security and explains which elements are most significant for ASP.NET Web application developers. The core concepts of principal and identity objects are also introduced.
The goal of the chapter is to:
Provide a frame of reference for typical .NET Web applications.
Identify the authentication, authorization, and secure communication security features provided by the various implementation technologies used to build .NET Web applications.
Identify gatekeepers and gates that can be used in your application ...