Public Sector Developer Weblog
Microsoft Public Sector Developer and Platform Evangelism Team Blog. You can learn more about us at http://tinyurl.com/mspubsecdev.
Translate This Page
Translate this page
.NET Framework 2.0
.NET Framework 3.5
.NET Framework 4.0
Developer Dinner Event
Future version of Visual Studio
Open Government Data Initiative (OGDI)
patterns & practices
Software Plus Services
SQL Server 2005
SQL Server 2008
Visual Studio 2005
Visual Studio 2008
Visual Studio 2010
Windows Communication Foundation
Windows Communication Foundation (WCF)
Windows Phone 7
Windows Presentation Foundation (WPF)
Windows Server 2008
Windows Workflow Foundation (WF)
Browse by Tags
Public Sector Developer Weblog
Tagged Content List
Row Level Security for SQL Server 2008
Update to this post from many moons ago! An important challenge for some public sector developers is providing label-based row level security in database-centric applications. Such systems require that classified and/or compartmented data be tagged with security labels and that access to data at...
23 Aug 2011
SDL Developer Starter Kit - “Just Do It!”
NOTE: This was cross posted from here . For those of you who haven’t heard of it, the Microsoft Security Development Lifecycle (SDL) is “A Microsoft-wide initiative and a mandatory policy since 2004, the SDL introduces security and privacy early and throughout the development process. Combining a holistic...
2 Nov 2009
How to Videos: .NET Security Topics
The MSDN folks have been releasing short "How to" videos over the past few months. Recently they've released a series of "How Do I" Security videos for Developers of .NET Solutions. They are nice and short and you can learn very simple things that you can do to make your...
17 Dec 2007
Implementing SmartCard Authentication with ASP.NET
This little nugget just landed in my inbox. Thanks to Jason for putting it together! http://choosing-a-blog-url-sucks.blogspot.com/2007/04/implementing-smartcard-authentication.html -Marc
30 Apr 2007
Just about every time I do an ASP.NET AJAX presentation, someone asks me about some question about AJAX security. I always start of by saying, "I'm not an AJAX security expert, but I will do my best to answer your specifc questions..." Well, thanks to Joe Stagner , there are a bunch of upcoming AJAX...
12 Jan 2007
SQL Server 2005 Label Security Toolkit
As referenced at the 2006 PASS conference this week, the Label Security Toolkit for SQL Server 2005 can be downloaded here [update: the file is attached to this post too]. This toolkit demonstrates how to combine the capabilities of SQL Server 2005 to implement a label-based row and/or cell level security...
16 Nov 2006
ASP.NET 2.0 Internet Security Reference Implemenattion
I've been on vacation and doing some other things so I haven't blogged much lately. I've pretty much been "unplugged" for the majority of that time. I'm slowly catching up on reading others blogs, etc. and came across this on J.D. Meier's Blog . "The ASP.NET 2.0 Internet Security Reference Implementation...
1 Sep 2006
Microsoft Security Summit East 2006
Policy, Process, and Technology September 27-28, 2006 Washington DC On behalf of Microsoft Public Sector, we are pleased to invite you to the 11 th Microsoft Security Summit, “Policy, Process, and Technology ” on September 27 th and 28 th at the Washington Grand Hyatt in Washington DC. Our goal is to...
23 Aug 2006
WCF Workshop Part 6 (Securing your Service Part 2 – Message Encryption)
In Part 6 of the series, I’ve added to the security choices by showing how to do Message-Level (aka., Encryption) between the Service and Client. Unlike Transport-Level Security (or SSL over HTTP) which is point-to-point, Message-Level Security provides you with an option for end-to-end secure communications...
1 Aug 2006
Web Service Software Factory Webcast
I mentioned here that I hadn’t had the opportunity to get caught up on the progress with the Web Service Software Factory . I noticed Don Smith blog’d about a webcast he recently gave on this very subject. I just love screencasts and webcasts because they save me a heck of a lot of time that would have...
5 Jul 2006
patterns & practices goes mobile
"The Microsoft patterns & practices team has released the first Community Technical Preview (CTP) for the Mobile Client Software Factory. The factory will help architects and developers design and build mobile LOB solutions. The Mobile Client Software Factory will include a prescriptive architecture...
7 Jun 2006
You MUST sign up for the Bi-weekly MSDN Flash
Just check out the latest issue at http://msdn.microsoft.com/Flash/ This a bi-weekly newsletter that can be customized to the topics you are most interested in. Mine arrived this morning and contained info on the redesigned Windows Vista Developer Center . A pointer to a free book on Office 2007...
31 May 2006
The importance of Evaluated Configuration: Windows Server 2003 vs SuSE EAL 4+ evaluations compared
Very often in the world of check list-based decision making, subtlety is lost. The EAL evaluations of Windows Server and SuSE are great examples. Both are evaluated at EAL4+, so advantage: neither right? Not so fast. Have a look at this: http://www.microsoft.com/windowsserversystem/facts/analyses...
25 May 2006
Microsoft Federal Architect Forum 06 content
The content for the 2006 Microsoft Federal Architect Forum will be posted on Federaldeveloper.com (link is here: http://tinyurl.com/luawt ) For those who were able to attend, thank you! - Keith
12 May 2006
Cryptograpy API: Next Generation (CNG)
This just in from our Federal Security Program Manager Bill Billings: We recently posted new information on Cryptography API: Next Generation (CNG) API within MSDN. CNG is the long-term replacement for the CryptoAPI and is designed to be extensible at many levels and cryptography agnostic in behavior...
19 Apr 2006
Upcoming Northern Virginia SQL Server Users Group meeting
I just noticed the latest announcement and figured I would share. Here are the highlights: Title – Best Practices for Securing and Auditing SQL Server 2005 http://www.novasql.com/presentations.htm Speaker – Jeremy Gaige, Systems Engineer of Idera Date and Time – Monday, April 24, 2006...
18 Apr 2006
MSDN & TechNet Virtual Labs
We've blogged about the Virtual Labs before, but the content keeps growing. I figured a friendly reminder wouldn't hurt. You'll find labs on ASP.NET 2.0, Visual Studio 2005 (including Team System), SQL Server 2005, BizTalk Server 2006, Window Communication Foundation, Windows Workflow Foundation, Smart...
11 Apr 2006
SQL Server 2005 -- Tools for row and cell level security
As if you needed more reasons to start using SQL Server 2005, we've got another big one! You may have seen links we posted on implementing row level security in SQL Server 2005 in previous posts . Now we are making available a toolkit for easily applying this design in your database. The toolkit comes...
13 Mar 2006
2 downloads on Threat Modeling
What is Microsoft Application Threat Modeling (Hi-Res Video) Brief Description: A video introducing the Microsoft Application Threat Modeling process. Microsoft Threat Analysis & Modeling v2.0 BETA2 Brief Description: Threat modeling to empower application risk management. - Keith
10 Mar 2006
Secure Software Forum -- Workshop series
The Secure Software Forum is conducting a Workshop Series over the next few months. During these events they will discuss best practices for implementing security early in the software application lifecycle and participants will learn specific techniques that can be used to uncover and resolve security...
9 Mar 2006
ASP.NET 2.0 Security Guidance
I just saw an email from JD via Brian that provided a single list of all the ASP.NET 2.0 Security Guidance work they've produced in recent months...it's an impressive list which I thought was valuable to share: Key Recommendations/Guidelines: ASP.NET 2.0 Security Guidelines: http://msdn.microsoft...
27 Feb 2006
Security episode of The Code Room
The latest edition is now online...check it out at: http://www.thecoderoom.com/vegas/ -Darryl
23 Feb 2006
InfoCards for user-centered identity
Here's a teaser video that introduces InfoCards -- a newly announced solution to deal with the problem of identity on the Internet. http://msdn.microsoft.com/msdntv/episode.aspx?xml=episodes/en/20060209InfoCardKC/manifest.xml See Kim's blog at http://identityblog.com/ for more good info. -Darryl
16 Feb 2006
Web Services Security Webcasts
Keith blogged about the Web Service Security Guide earlier. Don Smith just blogged about a series of webcasts based on this guide. The first one titled Securing Web Services with X.509 Certificates in WSE 3.0 was recorded and you can find it here . There are two more coming up titled Securing Web Services...
16 Jan 2006
Configuring ClickOnce Trusted Publishers
First, thank you to everyone who attended the DC Launch. A few people asked about how to configure ClickOnce trusted publishers after the Smart Client session at the DC Launch. My co presenter, Brian Noyes, has an article over on MSDN that walks you through the concept and configuration process. I had...
13 Jan 2006
Page 1 of 2 (42 items)
© 2013 Microsoft Corporation.
Privacy & Cookies