Building secure distributed Web applications can be challenging. It usually involves integrating several different technologies and products—yet your complete application will only be as secure as its weakest link. This guide presents a practical, scenario-driven approach to designing and building secure ASP.NET applications for Microsoft Windows 2000 and version 1.1 of the Microsoft .NET Framework. It focuses on the key elements of authentication, authorization, and secure communication within and across the tiers of distributed .NET Web applications.

This guide focuses on:

• Authentication (to identify the clients of your application
• Authorization (to provide access controls for those clients)
• Secure communication (to ensure that messages remain private and are not altered by unauthorized parties)