.NET news » Search results

This is a self paced workshop designed to lead you through the benefits and features of .NET security. There are over 50 code examples and many more walkthroughs showing you how to use the .NET security classes and how to administer .NET security policy. The workshop covers code access security, role based security, access control lists, symmetric and asymmetric cryptography, certificates, CMS/PKCS, data protection APIs, and encrypting and signing XML.

The labyrinth of security features for WCF is intricate and at times even overwhelming. At its core, however, are a basic set of security principals for authentication, authorization, and message transfer protection.

In this article, the author presents an extension to the Security Development Lifecycle Which could promote a better flow of information between users and designers of software security features.

Get a peek at the new security features in SQL Server 2005 from a developer's point of view. While there are lots of admin enhancements, there are also plenty of dev-specific security improvements you can take advantage of, such as endpoint authentication and support for the security context of managed code that executes on the server. Here Don Kiely elucidates.

One of the major benefits of writing .NET code to run in the Common Language Runtime (CLR) hosted in any environment is code access security (CAS).CAS provides a code-based-rather than user-based-authorization scheme to prevent various kinds of luring and other code attacks. But how does that security scheme coexist with SQL Server 2005's own, newly enhanced security features? By default your .NET code is reasonably secure, but it's all too easy for the two security schemes to butt heads and cause you grief. In this article I'll look briefly at the concept behind CAS and a few new security features in SQL Server 2005, then explore how to make the two systems work for you instead of against you as you take advantage of these advanced programming features in SQL Server.

Provides architectural, design, and implementation guidance for Web service security by using Web Services Enhancements (WSE) 3.0. Includes scenarios, patterns, decision matrices, and QuickStarts to help you make the most appropriate security decisions.

The.NET Framework 2.0 got quite a few security enhancements. This month Keith takes you on a whirlwind tour of the goodies you'll find there.

Use these learning paths to find a range of Microsoft training references and resources on security threats and appropriate countermeasures. These paths provide information on security planning, prevention, detection, and response.

Developers often concentrate on writing secure code but leave security vulnerabilities in application configuration files. Discover the most common configuration security problems—and how to avoid them.

Learn to take advantage of the inner workings of ASP.NET's security model to help eliminate security vulnerabilities from your web applications.