Designing Secure Mobile Web Form Pages
Building secure Web sites is always a top priority. There are additional security considerations when building a Web application that includes mobile Web pages and might communicate sensitive information over public data networks.
Authentication, authorization, and encryption are the three items you must consider for security in your Web applications. Authentication establishes the identity of a user. Authorization helps to control what the user can or cannot access. Encryption is the mechanism that helps to protect data as it passes between client and server.
ASP.NET mobile controls use the security infrastructure that is in place with Internet Information Services (IIS) and the Microsoft .NET Framework. For more in-depth discussion about encryption and authorization, see the .NET Framework documentation and IIS documentation. The ASP.NET 2.0 QuickStart Tutorial has an introduction to security that is a good place to start.
For more security recommendations, see Securing Applications and ASP.NET Web Application Security.
In This Section
- Authentication Options for Mobile Devices
Describes the complexities of authenticating mobile devices.
- Security and WAP Gateways
Describes the security issues associated with using WAP gateways.
- Port Usage for Mobile Applications
Describes the ports that affect ASP.NET mobile Web pages.
See Also
Reference
Concepts
.NET Framework Cryptography Model
Inside the ASP.NET Mobile Controls
Other Resources
Secure Coding Guidelines
ASP.NET Web Application Security
Accessing Data with ASP.NET
Developing ASP.NET Mobile Web Pages
Application Developer's Guide