http://keznews.com/server.php?web_link=msdn.microsoft.com News en-us http://media.keznews.com/pics/logo_windows_portal.jpg http://keznews.com/ http://keznews.com/16068=Identity__Secure_Your_ASP_NET_Apps_And_WCF_Services_With_Windows_CardSpace Windows CardSpace replaces traditional username/password authentication with a tool that helps users better manage their digital identities and helps shield users from various forms of identity attack such as phishing. Michèle Leroux Bustamante explains. Fri, 30 Mar 2007 22:16:12 http://keznews.com/16067=CLR_Inside_Out__New_Library_Classes_in_“Orcas” The next version of Visual Studio, code-named “Orcas,” supports new encryption algorithms, big integers, and other worthy enhancements. The CLR team explains. Fri, 30 Mar 2007 22:16:12 http://keznews.com/16066=Security_Briefs__Improve_Manageability_through_Event_Logging When something goes wrong, a manageable application will tell the administrator how to fix the problem. The Windows Event Log can provide the necessary information. Fri, 30 Mar 2007 22:16:11 http://keznews.com/15744=_NET_Security__Support_Certificates_In_Your_Applications_With_The__NET_Framework_2_0 This article takes a tour of certificates in general, looks at the Windows Certificate Store, and discusses the certificate APIs of the .NET Framework 2.0. Wed, 14 Mar 2007 03:16:10 http://keznews.com/15743=ASP_NET_2_0__Manage_Web_Users_With_Custom_Profile_Providers In ASP.NET 2.0, profile providers allow you to manage users more efficiently. Learn how to create your own. Wed, 14 Mar 2007 03:16:09 http://keznews.com/15742=Cutting_Edge__Validating_ASP_NET_Query_Strings If your ASP.NET pages use query string parameters, you need to ensure that they are properly validated before use. Here Dino Esposito shows how. Wed, 14 Mar 2007 03:16:09 http://keznews.com/14865=Least_Privilege__Teach_Your_Apps_To_Play_Nicely_With_Windows_Vista_User_Account_Control Learn how to modify your applications to ensure they work seamlessly with the new User Account Control feature of Windows Vista. Sat, 27 Jan 2007 03:16:08 http://keznews.com/14864=Desktop_Security__Create_Custom_Login_Experiences_With_Credential_Providers_For_Windows_Vista Credential providers in Windows Vista allow you to customize the logon experience and integrate the authentication methods that best meet your organization's needs. With this article, learn how to write your own. Sat, 27 Jan 2007 03:16:07 http://keznews.com/14863=Security_Briefs__Using_Protocol_Transition—Tips_from_the_Trenches Now that Windows Server 2003 is widely deployed, Keith Brown addresses questions from readers who are trying to use protocol transition to build secure gateways into their intranets. Sat, 27 Jan 2007 03:16:07 http://keznews.com/13294=Secure_Habits__8_Simple_Rules_For_Developing_More_Secure_Code Never trust data, model threats against your code, and other good advice from a security expert. Sat, 04 Nov 2006 03:06:09 http://keznews.com/13293=Threat_Modeling__Uncover_Security_Design_Flaws_Using_The_STRIDE_Approach Whenever you build a new system, you should consider how an intruder might go about attacking it and build in appropriate defenses at design-time. Sat, 04 Nov 2006 03:06:09 http://keznews.com/13292=Single_Sign-On__A_Developer’s_Introduction_To_Active_Directory_Federation_Services Use Active Directory Federation Services to allow other organizations to use your Web applications without the need for you to grant access to their users individually. Sat, 04 Nov 2006 03:06:09 http://keznews.com/13291=Smart_Storage__Protect_Your_Data_Via_Managed_Code_And_The_Windows_Vista_Smart_Card_APIs Smart cards are a compelling alternative to the reliance on passwords, which are the weakest link in authentication systems. Learn how to integrate smart cards into your managed applications here. Sat, 04 Nov 2006 03:06:09 http://keznews.com/13290=Extending_SDL__Documenting_And_Evaluating_The_Security_Guarantees_Of_Your_Apps In this article, the author presents an extension to the Security Development Lifecycle that could promote a better flow of information between users and designers of software security features. Sat, 04 Nov 2006 03:06:09 http://keznews.com/13289=SQL_Security__New_SQL_Truncation_Attacks_And_How_To_Avoid_Them This article discusses new SQL injection and modification attacks that could be used to attack your Web applications. Learn how to stop them. Sat, 04 Nov 2006 03:06:08 http://keznews.com/13288=Security_Briefs__Limited_User_Problems_and_Split_Knowledge This month, Windows® Communication Foundation service and the non-administrator, and implementing split knowledge and dual control of keys. Sat, 04 Nov 2006 03:06:08 http://keznews.com/12713=Web_Downloads__Build_Smarter_ASP_NET_File_Downloading_Into_Your_Web_Applications In this article, Joe Stagner presents some solutions for downloading files from ASP.NET sites so your users will have a fast, secure, and error-free downloading experience. Thu, 12 Oct 2006 22:06:10 http://keznews.com/12712=Secure_By_Design__Your_Field_Guide_To_Designing_Security_Into_Networking_Protocols If you were to build a new communications protocol from scratch, how would you address security? Here the authors take a look at that question and generate some valuable insights into secure protocols. Thu, 12 Oct 2006 22:06:10 http://keznews.com/12711=Security_Briefs__CardSpace__SqlMembershipProvider__and_More This month Keith Brown fields some reader questions on Windows CardSpace as well as on passwords for SqlMembershipProvider. Thu, 12 Oct 2006 22:06:10 http://keznews.com/12710=Windows_Vista_Story__Windows_Vista_Application_Development_Requirements_for_User_Account_Control Provides information to help application developers ensure that their applications are User Account Control (UAC) compatible. Thu, 12 Oct 2006 22:06:10