Udostępnij za pośrednictwem


Resources for Creating Secure Applications

From design of your application through deployment, remember to consider security. This topic contains links to resources about secure coding practices.

Product Documentation

The following topics provide information about how to code secure applications.

Topic

Description

Security in Native and .NET Framework Code

Provides information about security considerations that span the life of an application from coding to deployment.

Security Best Practices for C++

Provides information about security features and practices for working in Visual C++.

Security and Visual Basic Development

Provides information about the top three security concerns for working in Visual Basic, as follows: user rights, Web applications, and Visual Studio setup.

Security (C# Programming Guide)

Provides a list of security recommendations that are specific to C#.

Securing ADO.NET Applications

Provides information about how to secure the parts of your application that use ADO.NET.

ASP.NET Web Application Security

Provides information about how to control access to data in Web applications by using authentication.

Securing ASP.NET Web Sites

Provides information about how to protect Web sites from security attacks.

Security in Device Projects

Provides information about security issues for smart device development.

Online Resources

The following sources can be found on the Internet.

Articles

Article

Description

MSDE Security and Authentication (Knowledge Base article 325022)

Provides an overview of Microsoft Desktop Engine (MSDE) security and authentication. Also provides tips about how to make your data more secure.

Managing Security

Provides information about the security tools that are built into SQL Server. Also provides tips about how to plan for security.

Writing More Secure IIS Applications

Describes programming tasks that can be used to improve the security of an IIS application, such as validating user input and constructing database query strings that protect against script injection.

Other sources