Welcome to MSDN Blogs Sign in | Join | Help

December 2005 - Posts

Wednesday, December 28, 2005 5:31 PM

Scott Densmore leaves patterns & practices

I just noticed that Scott has posted his obituary on his blog. He leaves PAG and joins another team within Microsoft... Take a look at http://blogs.msdn.com/scottdensmore/comments/501362.aspx for more information... The good news is that over the last
Posted by Jason Hogg | 1 Comments
Wednesday, December 28, 2005 4:54 PM

Web service security - Threats and Countermeasures - Part 2 : Message Replay Protection

Threats Messages may traverse untrusted intermediaries on an insecure network – any of whom could capture the message and resend the message to the service. A replayed message will often cause data inconsistencies (especially true of update operations)
Posted by Jason Hogg | 0 Comments
Sunday, December 18, 2005 12:09 PM

Web service security - Threats and Countermeasures - Introduction

I am starting a series of entries that aim to provide an overview to major threats related to web service security. My goal is to not only inform people of what some major threats are but also stimulate some discussion and pointers to other threats that
Posted by Jason Hogg | 0 Comments
Sunday, December 18, 2005 12:07 PM

Web service security - Threats and Countermeasures - Part 1 : Message Protection – Integrity and Confidentiality

Threats Network eavesdropping leads to disclosure of confidential information An attacker manipulates a message in transit influencing the service’s behavior Vulnerabilities Lack of end to end encryption when sending SOAP messages Lack of a digital signature
Posted by Jason Hogg | 0 Comments
Thursday, December 15, 2005 7:36 PM

Everything you ever wanted to know about the Web service security UsernameToken

I am still getting used to the blogging tool - so figured I would try out creating an article. Knocked this little beauty up on UsernameToken's as I know that is something that has caused a lot of confusion in the past. http://blogs.msdn.com/thehoggblog/articles/504526.asp
Posted by Jason Hogg | 4 Comments
Tuesday, December 13, 2005 5:17 PM

Web service security: Scenarios, Patterns and Implementations is live

The timing couldn't have worked out any better if we had of tried. We presented our Web Service Security : Scenarios, Patterns and Implementations guide for the first time ever at the patterns & practices summit today - and I just received word that
Posted by Jason Hogg | 0 Comments
 
Page view tracker