.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Register
 
Win Surprise Gifts!!!
Congratulations!!!


Post New Web Links

Security Briefs: Customizing GINA, Part 1

Posted By:      Posted Date: August 21, 2010    Points: 0   Category :ASP.Net
 

Over the years I've had many people ask me to write about GINA, the Graphical Identification and Authentication component that serves as the gateway for interactive logons. This month I'll begin my coverage of this topic to help you get started if you're tasked to build such a beast.

Keith Brown

MSDN Magazine May 2005




View Complete Post


More Related Resource Links

Security Briefs: Customizing GINA, Part 2

  

GINA, the Graphical Identification and Authentication component, is a part of WinLogon that you can customize or replace. Last month I introduced GINA customization; this month, I'm going to drill down to implement each of the GINA entry points.

Keith Brown

MSDN Magazine June 2005


Security Briefs: View State Security

  

Effectively managing user state in web applications can be a tricky balancing act of performance, scalability, maintainability and security. The security consideration is especially evident when you're managing user state stored on the client. Here's what you need to know about view state security.

Bryan Sullivan

MSDN Magazine July 2010


Security Briefs: Regular Expression Denial of Service Attacks and Defenses

  

Microsoft security expert Bryan Sullivan believes denial-of-service blackmail attacks will become more common as privilege escalation attacks become more difficult to execute. He demonstrates how to protect your apps against regular expression DoS threats.

Bryan Sullivan

MSDN Magazine May 2010


Security Briefs: Add a Security Bug Bar to Microsoft Team Foundation Server 2010

  

Take a peek inside Microsoft's strict development security structure as Bryan Sullivan describes the objective security bug classification system?the "bug bar"?used by internal product and online services teams. He will show you how to incorporate this classification system into your own development environment using Microsoft Team Foundation Server 2010.

Bryan Sullivan

MSDN Magazine March 2010


Security Briefs: Security Compliance as an Engineering Discipline

  

Many companies starting out with the SDL are doing so in combination with a security compliance program. We'll show you some best practices and pitfall we've seen when employing SDL principles for compliance.

Brad Hill

MSDN Magazine February 2010


Security Briefs: XML Denial of Service Attacks and Defenses

  

This article reviews what makes XML vulnerable to denial of service attacks and how to mitigate these attacks.

Bryan Sullivan

MSDN Magazine November 2009


Security Briefs: A Follow-on Conversation about Threat Modeling

  

This article explores the use of threat modeling to address security concerns in your applications.

Michael Howard

MSDN Magazine September 2009


Security Briefs: Cryptographic Agility

  

Even if you use only the most secure algorithms and the longest key lengths, there's no guarantee that the code you write today will remain secure. A better alternative is to plan for agility from the beginning. Rather than hard-coding specific cryptographic algorithms into your code, use one of the crypto-agility features built into the Microsoft .NET Framework. This article shows you how.

Bryan Sullivan

MSDN Magazine August 2009


Security Briefs: A Conversation About Threat Modeling

  

Listen in on a chat between a developer and security pro that delves into some of the major Security Development Lifecycle (SDL) requirements we impose on product teams here at Microsoft

Michael Howard

MSDN Magazine May 2009


Security Briefs: Protect Your Site With URL Rewriting

  

Learn the numerous ways in which you can rewrite URLs to defend against common Web vulnerabilities.

Bryan Sullivan

MSDN Magazine March 2009


Security Briefs: Getting Started With The SDL Threat Modeling Tool

  

The Security Development Lifecycle (SDL) threat modeling tool helps you develop great threat models as a backbone of your security process. We'll show you how it works.

Adam Shostack

MSDN Magazine January 2009


Security Briefs: Threat Models Improve Your Security Process

  

Using threat models to drive your security engineering process helps prioritize the code review, fuzz testing, and attack surface analysis tasks.

Michael Howard

MSDN Magazine November 2008


Security Briefs: SDL Embraces The Web

  

In this installment we introduce you to new Web-oriented security guidance and tools straight from the Security Development Lifecycle (SDL) team at Microsoft.

Bryan Sullivan

MSDN Magazine September 2008


Security Briefs: Reinvigorate your Threat Modeling Process

  

In this column the author outlines some approaches to threat modeling that can be employed by development teams of any size.

Adam Shostack

MSDN Magazine July 2008


Foundations: Adding Code Access Security to WCF, Part 2

  

This month's column continues the discussion around code access security in WCF and partially trusted services.

Juval Lowy

MSDN Magazine July 2008


Security Briefs: Penetration Testing

  

In this installment of Security Briefs, James Whittaker explains the rules and the pitfalls of penetration testing so you'll know how to avoid them.

James A. Whittaker

MSDN Magazine May 2008


Foundations: Code Access Security in WCF, Part 1

  

Here we discuss code-access security in Windows Communication Foundation (WCF) and present a solution for enabling partially trusted clients for WCF services.

Juval Lowy

MSDN Magazine April 2008


Categories: 
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend