It is about SimpleMembership, WebSecurity, RememberMe, and other security matters in MVC 4.
1. Articles from Rick Anderson, Microsoft MVP about security on ASP.NET MVC web application.
2. Series Article from Troy Hunt, MS MVP about Top 10 Open Web Application Security Project (OWASP) security risks for .Net developers.
- Cross-Site Scripting (XSS)
- Broken Authentication and Session Management
- Insecure Direct Object References
- Cross-Site Request Forgery (CSRF)
- Security Misconfiguration
- Insecure Cryptographic Storage
- Failure to Restrict URL Access
- Insufficient Transport Layer Protection
- Unvalidated Redirects and Forwards
There are many technical resources such as IBM’s tech white papers for their mob app dev.
IBM Mobile Application Development solutions – here.
This article is a well-written overview for the potential security issues on ASP .NET web applications.
The contents are .NET centric, but it delivers a quite decent technical contents on web vulnerability attacks – Click-jack Attacks, vulnerable HTTP methods, disabled directory listing, encryption on db connection string, and so on.
Hope this helps. 🙂
Creational Design Patterns
- Factory Method : Create instances of derived classes
- Abstract Factory : Create instances of several classes belonging to different families
- Builder : Separates an object construction from its representation
- Prototype : Create a duplicate object or clone of the object
- Singleton : Ensures that a class can has only one instance
Structural Design Patterns
- Adapter : Match interfaces of different classes
- Bridge : Separates an object’s abstraction from its implementation
- Composite : A tree structure of simple and composite objects
- Decorator : Add responsibilities to objects dynamically
- Façade : A single class that represents an entire complex system
- Flyweight : Minimize memory usage by sharing as much data as possible with similar objects
- Proxy : Provides a surrogate object, which references to other object
Behavioral Design Patterns
- Chain of Responsibility
- Template Method