毕业论文论文范文课程设计实践报告法律论文英语论文教学论文医学论文农学论文艺术论文行政论文管理论文计算机安全
您现在的位置: 毕业论文 >> 论文 >> 正文

ASP. NET 中认证安全特征英文论文文献和翻译

更新时间:2014-4-19:  来源:毕业论文

An overview of authentication security features in ASP. NET
Narcisio Tumushabe , TAN Guan-zheng

Abstract : This article discusses the authentication feature of the ASP. NET to support security when designing a server application. Both Microsoft Internet Information Services ( IIS) and ASP. NET provide security models that will allow web developers to authenticate the your users appropriately and obtain the correct security context within the application. Three levels of authentication covered are the Formsbased , passport and windows authentications. The article literature is limited to these three areas.
Key words : Forms2based; passport ; windows authentication
CLC number : TP 393108  Document code : A   Article ID : 1000 - 1646 (2003) 03 - 0250 - 05
 Security is one of the primary concerns forboth developers and application architect s. As there are lot s of different types of websites with varying security needs , the developers need to know how the security works and choose the appropriate security model for their applications. Some websites collect no information from the users and publish the information that is available widely such as search engine. There are other sites that may need to collect sensitive information f rom their users like  credit card numbers. These websites need muchst ronger security implementation to avoid malicious  attacks f rom external entities.本文来自辣.文,论-文·网原文请找腾讯752018766
1  Fundamental Operations of ASP. NET Security  
Security in the context of ASP. NET application involves 3 fundamental operations namely Authentication , Authorization and Impersonation. Authentication is the process of validating the identity of a user to allow or deny a request .This involves accepting credentials ( e. g. username and password) from the users and validating it against adesignated authority. After the identity is verified and validated , the user is considered to be legal and the resource request is fulfilled. Future request from the same user ideally are not subject to the authentication process until the user logs out of the web application. Authorization is the process of ensuring that users with valid identity are allowed to access specific resources. Impersonation is the process that enables an application to ensure the identity of the user , and in turn make request to the other resources. Access to resources will be granted or denied based on the identity that is being impersonated.
2  Authentication in ASP. NET
Authentication is one of the foremost features of web application’s security. In ASP. NET , authentication is done at two levels . [2]First , Internet Information Server (IIS) will perform the required authentication , then send out the request to ASP. NET , as described in Figure 1. For ASP. NET application , the underlying web server is IIS. Therefore , every ASP. NET application can continue to leverage the security options provided by IIS .When the user requests a specific resource on the system, that request will come to IIS. IIS authenticates the user requesting the resource and then hands off the request and the security token for the authenticating user to ASP. NET worker process. ASP. NET worker process will decide whether to impersonate the authenticated user supplied by IIS or not . If impersonation is enabled in the configuration setting in Web. config file , then ASP. NET worker process impersonates the authenticated user. Otherwise , the thread will run under the ASP. NET worker process identity. After all , ASP.NET checks whether the authenticated user is authorized to access these resources. If they are allowed to , ASP. NET serves the request; otherwise it sends an“access denied”error message back to the user. 2613

[1] [2] [3] [4] [5] 下一页

ASP. NET 中认证安全特征英文论文文献和翻译下载如图片无法显示或论文不完整,请联系qq752018766
设为首页 | 联系站长 | 友情链接 | 网站地图 |

copyright©751com.cn 辣文论文网 严禁转载
如果本毕业论文网损害了您的利益或者侵犯了您的权利,请及时联系,我们一定会及时改正。