Chapter 2. Internet Information Server (IIS) Authentication and Authorization Models, and Locking Down File Access with EFS and WebDAV

Information in this chapter:

▪ RSA and AES

▪ Building the Web Application Structure

▪ Security in Depth

▪ Securing Access with WebDAV

▪ Conclusion

Products, Tools, and Methods:

▪ Internet Information Server (IIS)

▪ WebDAV

▪ New Technology File System (NTFS)

▪ Encrypting File System (EFS)

▪ Custom Application Pools

This chapter explains the different authentication and authorization mechanisms and models one can deploy in IIS, and goes on to use EFS as an example of how to substantially increase the security posture of remotely accessible files.

Keywords: IIS EFS WebDAV

Introduction

Microsoft's Encrypting File System technology ...

Get Thor's Microsoft Security Bible now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Thor's Microsoft Security Bible by Timothy Thor Mullen

Introduction

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly