This document discusses binding models in ASP.NET MVC and how to tightly control which properties can be updated. It describes how binding works to apply view input to model properties. The main problem is that malicious input could update any property. The solutions covered are using a FormDataCollection and specifying allowed properties, adding a Bind attribute to actions or models to define an include list of updatable properties, and creating a view-specific model with protected properties.