.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
david stephan
Gaurav Pal
Post New Web Links

Trustworthy Computing: Lessons Learned from Five Years of Building More Secure Software

Posted By:      Posted Date: August 21, 2010    Points: 0   Category :ASP.Net

Five years ago, Bill Gates issued a directive to enhance security across the board. Since then, many valuable lessons have been learned about building more secure software.

Michael Howard

MSDN Magazine November 2007

View Complete Post

More Related Resource Links

Lessons Learned: Optimizing A Large Scale Software + Services Application


Udi Dahan explains how his team identified and overcame unforeseen problems while developing a large-scale software + services trading application.

Udi Dahan

MSDN Magazine April 2009

Cloud Computing: Building Distributed Applications With .NET Services


We show you how .NET Services within the Azure Services Platform makes it easy to bring workflow apps to the cloud.

Aaron Skonnard

MSDN Magazine April 2009

Cutting Edge: Building A Secure AJAX Service Layer


This month Dino builds a service layer that authenticates users of Silverlight 2 and ASP.NET AJAX services to prevent illegal access to sensitive back-end services.

Dino Esposito

MSDN Magazine September 2008

{ End Bracket }: Trustworthy Software


The Authenticode dialog box that users see when they download software from the Internet, asking them if they trust the publisher and want to install the software is, in my opinion, a useless and annoying waste of time that provides no safety whatsoever.

David S. Platt

MSDN Magazine December 2005

ASP.NET Security: An Introductory Guide to Building and Deploying More Secure Sites with ASP.NET and


Forms authentication is one of the most compelling and useful new features of ASP.NET. It enables developers to declaratively specify which files on their site can be accessed and by whom, and allows identification of a login page. When an unauthenticated user attempts to retrieve a page protected by forms authentication, ASP.NET automatically redirects them to the login page and asks them to identify themselves. Included here is an overview of forms authentication and what you need to know to put it to work. Also included is hard-to-find information on the security of cookie authentication and on combining forms authentication with role-based URL authorizations.

Jeff Prosise

MSDN Magazine May 2002

ASP.NET Security: An Introductory Guide to Building and Deploying More Secure Sites with ASP.NET and


ASP.NET and Microsoft Internet Information Services (IIS) work together to make building secure Web sites a breeze. But to do it right, you have to know how the two interrelate and what options they provide for securing access to a Web site's resources. This article, the first in a two-part series, explains the ABCs of Web security as seen through the eyes of ASP.NET and includes a hands-on tutorial demonstrating Windows authentication and ACL authorizations. A range of security measures and authentication methods are discussed, including basic authentication, digest authentication, and role-based security.

Jeff Prosise

MSDN Magazine April 2002

Algorithm for Computing Age in Years, Months and Days?

I am generating a crystal report.net that compute age of a person through formula. of course, there is the birthdate and current date. I am familiar with the datediff function but I want to compute is like: "18 Years, 2 Months and fifteen days old." it should include the leap year. Any Algorithm that I can apply to crystal report formula? Your help is very appreciated.

Building a Searchable Phone Directory with Windows SharePoint Services

I want to continue to build out the intranet site we've started in our previous articles. A standard item in every intranet is a staff/employee list. Most companies implementing Windows SharePoint Services (WSS) are large enough to have a database that contains all employees. We will use the aggregation features of SharePoint to include data from this database into our intranet.

Building a grouping Grid with GridView and ASP.NET AJAX toolkit CollapsiblePanel

I've posted an update to this post to apply on demand loading of Details data using ASP.NET AJAX PageMethods. I'm demonstrating the usage if CollapsiblePanelExtender client events on the new post. Check it out.

I admit, Matt Berseth is really inspiring me! Few days ago I pass through 2 of his great posts:

.Surrounding your Data Table and Dialog Controls with ComponentArt Styled Panels
.Building a Grouping Grid with the ASP.NET 3.5 LinqDataSource and ListView Controls
The first one is pure design tips one which I used for making good presentation of my demo here. The 2nd post is actually the idea.

Building Layered Web Applications with Microsoft ASP.NET 2.0 - Part 1

"Building Layered Web Applications" that shows you how to build N-Layer applications with Microsoft ASP.NET 2.0. These articles teach you how to design, build and use custom business objects in your web application. The target audience for this series are developers that are ready to make the switch from using SqlDataSource controls to ObjectDataSource controls with custom business objects. Experience with ASP.NET 2 and C# is necessary while some knowledge about object oriented design certainly helps. The design I am going to show you in these articles is a simplified version of a design you would use in a real world application. It doesn't feature all the necessary functionality your application needs, but instead focuses on the underlying concepts.

Building a 3-Tier App with Silverlight 3, .NET RIA Services, and Azure Table Storage

Silverlight 3, .NET RIA Services, and Windows Azure Services Platform makes a 3-tier Cloud application easier to build: Silverlight 3 as presentation tier, .NET RIA services as the business logic and data access tier, and Windows Azure Table as the data storage tier. The sample application in this article demonstrates the architecture with a simple Survey application with all these technologies working together from Windows Azure.

Software Development Life Cycle (SDLC)

This is also known as Classic Life Cycle Model (or) Linear Sequential Model (or) Waterfall Method. This model has the following activities.

SDLC Approach or Software Development Life Cycle

SDLC process stats from conception to completion of any software project. According to this approach the software development team is responsible for the whole project development life cycle. After doing SRS and requirements analysis; developers follow different models of Software development Life Cycle (SDLC) available, while the most common model is SDLC waterfall model. They divide project in different stages & phases and the output of each stage or phase becomes the input for next stage.

Building a LINQ Provider

Throughout this article, we will build a simple IQueryable provider similar to the LINQ to SQL provider demonstrating what is needed to build a custom provider that is capable of executing LINQ queries and performing create, update and delete operations.


How to calculate childs age,but when i enter childs age as '03/27/2007' it returns 3 years where as actual age is 2 yr 11 months

Data Recovery Software

Nokia mobile phone bulk SMS sending software sends unlimited text messages through a GSM based mobile phone connected with your computer system to other mobile phone. Bulk message broadcasting application sends business related messages, notifications, personal SMS, share market information, enterprise advertising news etc to any group or individual in a single click.
Group messaging wizard offers latest and advance technology to create and sends bulk text messages/SMS from your computer system or laptop/desktop via GSM based mobile phone to another mobile phone worldwide. Instant SMS sending software easily and smoothly works with all popular GSM mobile phone brands including LG, Nokia, Samsung, Sony Ericsson, Motorola etc. Nokia mobile phone mass SMS sending tool facilitates you to have strong relationship with your family, friends, customers etc.
GSM mobile phone SMS sending program is very useful utility for all small or large business enterprise to increase their business by sending event alerts, notifications, advertising to individual or group of customers. Mass messaging software provides solution to the user to send multiple SMS through GSM mobile phone connected through PC to nationally or internationally network based mobile phones.
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend