Making secure ASP.NET

  • Thread starter Thread starter Xarky
  • Start date Start date
X

Xarky

Hi,
I am writing a small ASP.NET application, and I need to make it secure.

I was thinking of SSL but I don't know how to do it, or there exists other ways.

Can someone help me out.
Thanks in Advance
 
Xarky said:
Hi,
I am writing a small ASP.NET application, and I need to make it secure.

I was thinking of SSL but I don't know how to do it, or there exists other ways.

Can someone help me out.
Thanks in Advance
Click to expand...

define "secure":
- no eavesdropping on requests or responses between server and client
- users can't access each others data
- even with server access, you can't read user data
- etc...

only the first will benefit from using SSL, the rest is application design.
 
Hi,
Sorry if I did not define myself will with 'secure'. Let me explain
with my scenario.

I will be having a login screen. Users will have to enter username and
password to prove themselves. Now I need to maintain the username and
password private, that is if a users tries to hack someone else personal
data, the data that he will get is garbage and so cannot impersonate
himself as the proper user. In the system I will have other data that
will be transmitted between the server and the client, and also this
data needs to be maintained private.

Now the main reason I was thinking of SSL is because SSL is built into
almost all web browsers, and so through out a session a symmetric key
can be negotiated where both server and browser use this key to
communicate confidentially.

Can someone help me out, to do this scenario secure.
Thanks in Advance
 
Back
Top