Welcome to MSDN Blogs Sign in | Join | Help

January 2006 - Posts

Saturday, January 28, 2006 12:34 PM

RSA Security Conference 2006

I attended the RSA Security Conference last year and was surprised not to see better guidance on securing web services. This combined with the challenges I observed as a member of the WS-I Basic Security Profile Sample Application's team inspired our
Posted by Jason Hogg | 0 Comments
Friday, January 27, 2006 3:47 PM

Web service security - Threats and Countermeasures - Part 4 : Message Protection – Sign and Encrypt and Encrypt Signature!

Network eavesdropping may lead to disclosure of confidential information even though the SOAP message body is encrypted! How could this be possible you ask? Read on... http://blogs.msdn.com/thehoggblog/articles/518574.aspx
Posted by Jason Hogg | 0 Comments
Friday, January 27, 2006 1:56 PM

Web service security webcasts

In case anyone missed the recent web casts on Web service security that Don Smith, Ron Jacobs, Dwayne Taylor and Mark Fussell have been doing take a look. There are three web casts covering Kerberos, X.509 Tokens or UsernameTokens. For more information
Posted by Jason Hogg | 0 Comments
Thursday, January 19, 2006 2:19 PM

SAML Security Token Service for WSE 3.0 just released...

We have just released our Security token service for WSE 3.0. So if you are interested in Web service security, or are learning WSE 3.0 or are interested in learning more about SAML head to our workspace and take a look... http://practices.gotdotnet.com/projects/saml
Posted by Jason Hogg | 2 Comments
Wednesday, January 04, 2006 1:24 PM

Web service security - Threats and Countermeasures - Part 3 : Message Validation

Threats Message data may be malformed for malicious intentions such as injection attacks Vulnerabilities XML serialization helps validate some data types as XML data from the message is transformed into .Net data types – but this does not prevent against
Posted by Jason Hogg | 0 Comments
 
Page view tracker