To learn more about ASP.NET security I'd recommend checking
out my ASP.NET Security Resources list as well as my ASP.NET Tips and Tricks Page.
There are also now two dedicated books on ASP.NET 2.0
Security out there: Stefan Schackow's Professional ASP.NET 2.0 Security, Membership and Role
Management book and the new Developing More Secure Microsoft ASP.NET 2.0 Applications
book by Dominick Baier (who runs the great http://www.leastprivilege.com/ blog)
that just got published this week:
Hope this helps,