Microsoft Press has this great book.
this book includes...
• Harden a Web server, operating system, communication protocol, and ASP.NET Validate input data with white listing, regular expressions, sand boxing, and other techniques
•Understand design and security implications of various cryptography approaches
•Integrate with Microsoft Windows security features such as impersonation, delegation and protocol transition
•Implement Web farm, single sign-on, and mixed-mode authentication
•Use provider-based features for user and role management and authentication
•Trace attacks with error-handling, logging, and instrumentation
•Lock down your application with partial trust
here is the link to buy this book...