Microsoft has published some Prescription Architecture Guides (PAG's) http://www.microsoft.com/resources/practices/
In particular have a look at: Improving Web Application Security: Threats and Countermeasures http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetse c/html/ThreatCounter.asp Authentication in ASP.NET: .NET Security Guidance http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnbda/h tml/authaspdotnet.asp Building Secure ASP.NET Applications: Authentication, Authorization, and Secure Communication http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetse c/html/secnetlpMSDN.asp Windows Server 2003 Security Guide http://www.microsoft.com/downloads/details.aspx?FamilyId=8A2643C1-0685-4 D89-B655-521EA6C7B4DB&displaylang=en HTH, Hans -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bret Watson Sent: Monday, April 05, 2004 6:37 PM To: sc-l Subject: [SC-L] Dot Net guidelines? Hi All, my boss has asked me to see if there are any guidelines out there regarding dot Net... We currently use Java, but we expect the development teams to want to use microsoft's lastest toy sooner or later.. Thanks, Bret
