Welcome to MSDN Blogs
Sign in
|
Join
|
Help
.NET Security Blog
This Blog
Syndication
RSS 2.0
Atom 1.0
Search
Tags
CAS
ClickOnce
CLR v4
CNG
Cryptography
Debugging
Orcas
Other
Policy
Security
Silverlight
SSCLI
StrongName
Transparency
Under the Hood
Visual Studio
Windows
XML
News
Silverlight Security Cheat Sheet
What's New in Security for v2.0
List of CLR Bloggers
Getting Help with your .NET Questions
Archives
November 2009 (2)
June 2009 (4)
May 2009 (6)
March 2009 (1)
December 2008 (2)
August 2008 (1)
July 2008 (2)
May 2008 (2)
March 2008 (2)
February 2008 (1)
January 2008 (1)
October 2007 (2)
June 2007 (1)
May 2007 (5)
April 2007 (1)
March 2007 (4)
February 2007 (3)
January 2007 (5)
December 2006 (2)
November 2006 (3)
October 2006 (5)
September 2006 (2)
August 2006 (1)
July 2006 (6)
June 2006 (6)
May 2006 (7)
April 2006 (7)
March 2006 (6)
February 2006 (7)
January 2006 (9)
December 2005 (7)
November 2005 (8)
October 2005 (8)
September 2005 (11)
August 2005 (7)
July 2005 (8)
June 2005 (4)
May 2005 (10)
April 2005 (6)
March 2005 (10)
February 2005 (9)
January 2005 (10)
December 2004 (10)
November 2004 (11)
October 2004 (12)
September 2004 (10)
August 2004 (10)
July 2004 (10)
June 2004 (11)
May 2004 (7)
April 2004 (14)
March 2004 (21)
February 2004 (12)
January 2004 (3)
December 2003 (1)
November 2003 (5)
October 2003 (1)
June 2003 (2)
February 2004 - Posts
Friday, February 27, 2004 6:24 PM
Part 4 of the Java vs .NET Comparison Posted
Denis Piliptchouk finished his four part series comparing Java and .NET security, with a piece on user authentication and authorization. This is the conclusion to the series I posted about here .
Posted by
shawnfa
|
0 Comments
Friday, February 27, 2004 3:57 PM
Fun with the Visual Studio Find Combo Box
It's interesting to note all the power of the find combo box in the Visual Studio command bar. It's easily one of the more useful controls I've ever used, yet it just sits there all quiet and unassuming. I've run into a lot of people who know one of two
Posted by
shawnfa
|
6 Comments
Filed under:
Visual Studio
Thursday, February 26, 2004 10:34 AM
Don't Click Here If You Value Your Productivity
Here's a fun little timer waster over on Bungie's website: http://halo.bungie.org/misc/warthog_launch.html
Posted by
shawnfa
|
10 Comments
Filed under:
Other
Wednesday, February 25, 2004 2:18 PM
Introduction to ObjectSpaces
Dino Esposito has written a nice introduction to ObjectSpaces over on MSDN. For those who don't know, ObjectSpaces is, to me at least, one of the more exciting features of Whidbey. It's an object <-> RDBMS mappings system that takes most of the
Posted by
shawnfa
|
0 Comments
Tuesday, February 24, 2004 6:25 PM
Creating a SecurityElement from XML
Most of the .NET security system can be serialized out to XML, and knows how to deserialize itself from an XML stream. This would seem to make it easy to create security objects (such as PermissionSet's) from XML documents, or maybe use an XPath query
Posted by
shawnfa
|
2 Comments
Filed under:
Security
,
XML
,
CAS
Friday, February 20, 2004 6:01 PM
Using the Hashing Transforms (or How Do I Compute a Hash Block by Block)
Occasionally I get asked how to use the hashing algorithms that ship with .NET to get the hash of some data when there is only access to pieces of the input at a time. This comes up for various reasons, sometimes the input data is too big to fit entirely
Posted by
shawnfa
|
5 Comments
Filed under:
Security
,
Cryptography
Friday, February 20, 2004 4:31 PM
Roundtripping Encrypted Data Through Text
This question comes up every so often on the public newsgroups, so I thought I'd write out an explanation here. When you try to round trip encrypted data through plain text (for instance, take the encrypted data and put it into a text string), you need
Posted by
shawnfa
|
2 Comments
Filed under:
Security
,
Cryptography
Thursday, February 19, 2004 6:14 PM
MSDN TV Talks about CAS
My first lead at Microsoft, from way back in the summer of 2001 when I was an intern, was featured on MSDN TV last week giving a basic introduction to CAS, and discussing how it applys to managed code developers. You can find the show here .
Posted by
shawnfa
|
0 Comments
Filed under:
Security
,
CAS
Wednesday, February 18, 2004 2:30 PM
Using XML Encryption With CipherReferences, Part 2 - Remote Data
Earlier this week, I posted about using cipher references to refer to data stored in the same document. Today I'll use the same technique, but instead of storing the encrypted data elsewhere in the document, I'm going to store it on a seperate server.
Posted by
shawnfa
|
3 Comments
Filed under:
Security
,
Cryptography
,
XML
Wednesday, February 18, 2004 11:37 AM
Comparison of .NET and Java Security
Denis Piliptchouk has written a four part series comparing .NET and Java security on O'Reilly's OnJava site. Part 1 - Security Configuration and Code Containment Part 2 - Cryptography and Communication Part 3 - Code Protection and CAS Part 4 - Authentication
Posted by
shawnfa
|
5 Comments
Filed under:
Security
,
Cryptography
,
CAS
Monday, February 16, 2004 4:30 PM
Using XML Encryption With CipherReferences, Part 1 - Local Data
Most users of encrypted XML will encrypt their data and embed the resulting cipher value directly into the EncryptedData element, using a CipherValue tag. However, XML encryption also supports the use of CipherReferences, which allow you to place the
Posted by
shawnfa
|
5 Comments
Filed under:
Security
,
Cryptography
,
XML
Monday, February 02, 2004 5:31 PM
Whidbey Security Presentation from the PDC
Although this is kind of old news, you can check out Sebastian Lange (CLR Security PM) and Ivan Medvedev (CLR Security Test Lead) giving a talk about new features in security for our Whidbey release. This is a video and slideshow from the presentation
Posted by
shawnfa
|
0 Comments
Filed under:
Security
