Technical College, Belgrade University,
Faculty of Economics and Engineering Management, University Business Academy,
Novi Sad, Serbia
Faculty of Natural Sciences and Mathematics, University of Banja Luka,
Banja Luka, Bosnia and Herzegovina
Technical College, University of Kragujevac,
Technical School, School of Professional Studies,
Kosovska Mitrovica, Serbia
Department of Mathematics, Technical College, University of Belgrade,
Department of Management, Technical College, University of Belgrade,
This special issue presents methods for maintaining the security of a web application. Besides the fundamental aspects of ASP.NET application security, it presents the actions necessary to achieve the required security, as well as the approach to code security in the .NET Framework. User authentication, Windows authentication, and protection by means of the configuration file are shown. The definition of identification or authorization rules is analyzed using the WAT tools, and then the way in which a login page is displayed is shown. The paper describes various techniques for ensuring the security of web applications. It presents the ways of performing authorization and authentication, as well as the potential problems that can then occur. One of the first actions to take when determining the protection measures for an ASP.NET application is analysis of the code. Special precautions should be taken against potential attacks that use a questionable string or a partially altered HTML page. On an e-commerce web site, one user's orders should be prevented from coming into contact with another user's orders by obtaining the user ID from the user's identity.
Successful protection of an ASP.NET web site includes a layered protection structure, so that a malicious user has to do not just one unusual and unexpected thing to enter the system, but at least several.
In addition to the above measures, personalization with Windows accounts is often used. Maintaining the security of web applications is one of the most important tasks and must be approached meticulously and thoroughly. Protection methods should be combined to ensure the best safety. Beyond the fundamental security concepts, the work should also cover dealing with denial-of-service attacks and the tendency to encrypt all network traffic to and from web applications.
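The order-isolation rule mentioned above (take the user ID from the authenticated identity, not from request input) can be shown as a small console program. This is an added example, not code from the paper; the `OrderStore` class, its method names and the sample orders are hypothetical, and `GenericPrincipal` stands in for the principal that ASP.NET exposes after login.

```csharp
// Added illustration (not from the paper): OrderStore, its methods and the
// sample orders are hypothetical and constructed for this example.
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Principal;

record Order(int Id, string OwnerId, string Item);

static class OrderStore
{
    // Constructed sample data: two customers, one order each.
    static readonly List<Order> Orders = new()
    {
        new Order(1001, "alice", "keyboard"),
        new Order(1002, "bob", "monitor"),
    };

    // Weak form: trusts the order id supplied by the request alone, so a
    // signed-in user who alters that value can read another user's order.
    public static Order? GetUnscoped(int orderId) =>
        Orders.FirstOrDefault(o => o.Id == orderId);

    // Hardened form: the owner is taken from the authenticated identity,
    // never from request input, and the lookup is filtered by it.
    public static Order? GetForUser(IPrincipal user, int orderId)
    {
        var identity = user?.Identity;
        if (identity == null || !identity.IsAuthenticated)
            throw new UnauthorizedAccessException("login required");
        return Orders.FirstOrDefault(o =>
            o.Id == orderId &&
            string.Equals(o.OwnerId, identity.Name, StringComparison.Ordinal));
    }
}

static class Program
{
    static void Main()
    {
        // Stand-in for the principal set by forms or Windows authentication.
        IPrincipal alice = new GenericPrincipal(
            new GenericIdentity("alice"), Array.Empty<string>());
        int requested = 1002; // constructed: an order id that belongs to bob

        Console.WriteLine("unscoped lookup found an order: " +
            (OrderStore.GetUnscoped(requested) != null));
        Console.WriteLine("identity-scoped lookup found an order: " +
            (OrderStore.GetForUser(alice, requested) != null));
    }
}
```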