.NET news » Security

Microsoft security expert Bryan Sullivan believes denial-of-service blackmail attacks will become more common as privilege escalation attacks become more difficult to execute. He demonstrates how to protect your apps against regular expression DoS threats.

Josh Twist explains the unique challenges developers face in securing Silverlight applications. He shows where to focus your efforts, concentrating on the key aspects of authentication and authorization.

The purpose of this article is demonstrate how to build a Windows Forms application that encrypts files through the use of the RijndaelManaged class, a symmetric algorithm, which is used to encrypt and decrypt data by using its automatically generated Key and IV. Encryption involves the creation of a cipher (an algorithm) that takes data and a generated key as its input. The algorithm will behave in accordance with the length of the key. A symmetric algorithm is one that uses the same key to both decrypt and encrypt the data file. In our case, we will use the RSACryptoServiceProvider, an asymmetric algorithm, to encrypt and decrypt the key to the data encrypted by RijndaelManaged…

The first step to building reliable systems is to accept that it is impossible. Instead, we will attempt to build a more reliable system from a collection of smaller unreliable components. The idea is to manage failure rather than pursue an impossible perfection. Find out how.

An article about .NET internals and native compiling.

Edit web.config to Update the Data Provider for Shared Hosting with Role-Based Security: SQL Server, ODBC, Active Directory, ADAM, SQLite, MySQL, Access, XML

Import and Export RSA Keys in PKCS#8 and X.509 Format using Crypto++, C#, and Java

Do you have a cool personalized application that you want to offer to over 400 million users? Do you want to light it up with Live controls or create a mashup with Live resources?Windows Live ID now offers a simple way for third parties to get Live ID authentication in your Web or rich client applications, letting you reach millions of Live ID users, integrate with Live Controls, and access Live services.

Learn to take advantage of the inner workings of ASP.NET's security model to help eliminate security vulnerabilities from your web applications.

One of the most important security principles for software development is least privilege. Simply put, least privilege means that an application, process, or user should have the least access to resources required to accomplish a task and no more. By following this principle, even if your application is attacked or a user goes on the payroll of your nastiest competitor, you'll have limited the potential damage. Bottom line: implementing partial trust in ASP.NET is the single biggest thing you can do to make your applications secure.