For more information, see the following resources:
For more information on designing, building and configuring authentication, authorization and secure communications across the tiers of a distributed Web application, see "Microsoft patterns & practices Volume I, Building Secure ASP.NET Applications: Authentication, Authorization, and Secure Communication " at http://msdn.microsoft.com/library/en-us/dnnetsec/html/secnetlpMSDN.asp .
For a printable checklist, see "Checklist: Architecture and Design Review for Security," in the "Checklists" section of this guide.