Security of ASP.NET Applications in Hosted Environments

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1

ASP.NET offers an excellent environment for hosting multiple applications on a single Web server. Application Service Providers (ASPs) and Internet Service Providers (ISPs) are able to host multiple applications from different outside sources on a shared server and keep the applications isolated from each other and from critical resources on the server. ASP.NET's configuration system is designed to make it easy to isolate Web applications and to grant code access security permissions to individual applications.

In This Section

Configuring Process Identity for ASP.NET: Describes the trust level and policy settings that you can use to help protect the configuration of the server that hosts your ASP.NET applications.

Required Access Control Lists (ACLs) for ASP.NET: Lists the permissions that ASP.NET needs to access specific server resources.

Code Access Security for ASP.NET: Describes the importance of configuring your Web applications so that they will accept code only from trusted sources.

Trust Levels and Policy Files for ASP.NET: Describes the trust level and policy settings that you can use to securely configure the server that hosts your ASP.NET applications.

Related Sections

Overview of ASP.NET Security:Describes how to work with authorization and authentication in ASP.NET applications.

Overview of ASP.NET Configuration: Describes how to configure ASP.NET applications and includes reference information about each of the ASP.NET configuration elements.