Web pages in ASP.Net are called ASP.NET Web Forms which have certain server controls such as text, dropdown list, checkboxes, and buttons. An ASP.NET Web Form looks similar to web forms in HTML. The only difference is that in ASP.NET, Web Forms runs at server side and in HTML web forms runs at client side. Apart from this difference an ASP.NET Web Form has more features than an ordinary HTML web form such as:

• The code blocks are processed on server

• The entire page in ASP.NET is compiled when it is requested for first time. When you make subsequent requests, page is not compiled but shown directly in your browser

• ASP.NET Web Forms can contain page directives. Page directives allow you to set default language and user controls tags for entire page. You can also turn off session state and ViewState management using page directives

Once you complete developing a web application, you need to secure it. This is when aspect of security comes into picture. There will be some portions of your application which need to be secured from users. Securing an application may need extra hardware to build complex multi-layer systems with firewalls, and also some highly secure features. Security enables you to provide access to a specified user after user is authenticated and authorized to access resources in your web application. The Access Control List is used in authorization process.

The basic concepts of security are Authentication, Authorization, Impersonation and Data or functional security. Authentication is process that enables to identify a user, so that only that user is provided access to resources. Authorization is process that enables to determine whether a particular user can be given access to resources that user requests. Impersonation is process that provides access to resources requested by a user under a different identity. Data or functional security is process of securing a system physically, updating operating system and using robust software.