Pro ASP.NET Web API Security: Securing ASP.NET Web API by Badrinarayanan Lakshmiraghavan

We saw in Chapter 1 that the term information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction to ensure confidentiality, integrity, and availability. Related to this, we have seen how an application can identify and authenticate entities using the three factors based on knowledge, ownership, and inherence to control the access of protected application resources from unauthorized entities. Also, we examined how cryptography can help ensure the two important aspects of message security: confidentiality through encryption ...