.NET news » Security

This article covers what the differences are between hashing, MAC and digital signatures. It presumes a certain level of knowledge about encryption methods especially the difference between symmetric and asymmetric encryption. The article does not cover how to perform encryption or about key management. There are some code examples on how to perform each of the technologies using C# in .NET v2.0.

The Enterprise Library Application Blocks aren't useful only in Windows Forms applications; you can use them in ASP.NET too by downloading a set of patch files and configuring the security settings appropriately. Find out how.

Windows Communication Foundation (WCF) is a secure, reliable, and scalable messaging platform for the .NET Framework 3.0.With WCF, SOAP messages can be transmitted over a variety of supported protocols including IPC (named pipes), TCP, HTTP and MSMQ. Like any distributed messaging platform, you must establish security policies for protecting messages and for authenticating and authorizing calls. This article will discuss how WCF accomplishes this.

Whenever you build a new system you should consider how an in¬truder might go about attacking it and then build in appropriate defenses at design time.

In this article, the author presents an extension to the Security Development Lifecycle Which could promote a better flow of information between users and designers of software security features.

This article discusses some new threats to your SQL Web app that include modifying SQL statements or injecting SQL code even if the code has escaped the delimiting characters.

• Why won't my simple Windows® Communication Foundation service start when I run it as a non-administrator?
• What is the best way to implement split knowledge and dual control of keys?

A simple but robust software protection and activation.

Password Manager is a System.Security usage example using SecureString and SymmetricAlgorithms.

Discusses the OPC Digital Signing Framework, providing an overview of the package components and supporting services, and examples of signing policy and its implementation.