Denis Piliptchouk finished his four part series comparing Java and .NET security, with a piece on user authentication and authorization. This is the conclusion to the series I posted about here .

It's interesting to note all the power of the find combo box in the Visual Studio command bar. It's easily one of the more useful controls I've ever used, yet it just sits there all quiet and unassuming. I've run into a lot of people who know one of two...

Here's a fun little timer waster over on Bungie's website: http://halo.bungie.org/misc/warthog_launch.html

Dino Esposito has written a nice introduction to ObjectSpaces over on MSDN. For those who don't know, ObjectSpaces is, to me at least, one of the more exciting features of Whidbey. It's an object <-> RDBMS mappings system that takes most of the...

Most of the .NET security system can be serialized out to XML, and knows how to deserialize itself from an XML stream. This would seem to make it easy to create security objects (such as PermissionSet's) from XML documents, or maybe use an XPath query...

Occasionally I get asked how to use the hashing algorithms that ship with .NET to get the hash of some data when there is only access to pieces of the input at a time. This comes up for various reasons, sometimes the input data is too big to fit entirely...

This question comes up every so often on the public newsgroups, so I thought I'd write out an explanation here. When you try to round trip encrypted data through plain text (for instance, take the encrypted data and put it into a text string), you need...

My first lead at Microsoft, from way back in the summer of 2001 when I was an intern, was featured on MSDN TV last week giving a basic introduction to CAS, and discussing how it applys to managed code developers. You can find the show here .

Earlier this week, I posted about using cipher references to refer to data stored in the same document. Today I'll use the same technique, but instead of storing the encrypted data elsewhere in the document, I'm going to store it on a seperate server...

Denis Piliptchouk has written a four part series comparing .NET and Java security on O'Reilly's OnJava site. Part 1 - Security Configuration and Code Containment Part 2 - Cryptography and Communication Part 3 - Code Protection and CAS Part...

Most users of encrypted XML will encrypt their data and embed the resulting cipher value directly into the EncryptedData element, using a CipherValue tag. However, XML encryption also supports the use of CipherReferences, which allow you to place the...

Although this is kind of old news, you can check out Sebastian Lange (CLR Security PM) and Ivan Medvedev (CLR Security Test Lead) giving a talk about new features in security for our Whidbey release. This is a video and slideshow from the presentation...