for RuBoard |
By Kevin Price
IN THIS CHAPTER
Implementing SSL Encryption and HTTPS
Encryption of Individual Data Elements ”An Overview
Remoting and Encryption via Sinks ”An Overview
Chapters 13, " Introduction to ASP.NET Security," 14, "Authentication: Know Who Is Accessing Your Site," and 15, "Authorization: Control Who Is Accessing Your Site," introduced you to ways to use new features in .NET to help secure your applications. One consistently mentioned item was that all of these methods are most effective when used in conjunction with SSL. SSL provides an almost universal way to encrypt data between the client and the server. Of course, there are a couple of settings to turn on in the Internet Information Server (IIS) to enable SSL, thus allowing users to access your site over HTTPS. While this chapter may not make you an expert on certificates, SSL, and encryption, it will show you how to enable these devices as well as provide an overview to using sinks to secure remote objects and using HTTPS to secure Web services. Using these methods helps to ensure data integrity through keeping the data encrypted to prying eyes, making your site that much more secure.
This chapter covers a very important, commonly used, yet commonly overlooked aspect of securing your ASP.NET application: using data encryption to protect that data's integrity while in transfer. At the end of this chapter, you will understand
How to implement Secure Sockets Layer (SSL)
Configuring IIS for HTTPS connections
Considerations for keeping your data secure during Web services transactions
Using sinks to keep your data secure
for RuBoard |