Security Zone

Add Fingerprint Scan-based Security to Your .NET Applications Today

Biometric recognition is one of the most reliable ways to confirm the identity of an individual. And by now, many people are undoubtedly familiar with the Microsoft Fingerprint Reader (see Figure 1). Besides logging into a computer using a fingerprint scan from the reader, you can also use the application

Code Access Security: When Role-based Security Isn’t Enough

Ask any typical .NET developer about Code Access Security (CAS) and you’ve got the chance of hearing “Huh?” as the response. Most developers haven’t run into CAS at all, let alone in a way that would cause them to develop a deep understanding of it. Ask your typical SharePoint developer about

Security in All Phases of the Software Development Lifecycle

Between project deadline pressure and user demand for the latest software features, security often isn’t the highest priority for development teams. Many times, eliminating vulnerabilities is seen as a task that someone or, in larger organizations, a team performs in the testing phase at the tail end of the software

Book Excerpt: The 19 Deadly Sins of Software Security

This essential book for all software developers, regardless of platform, language, or type of application, outlines the “19 deadly sins” of software security and shows how to fix each one. Best-selling authors Michael Howard and David LeBlanc, who teach Microsoft employees how to secure code, have partnered with John Viega, the man

Cross-Domain Single Sign-On Authentication with JAAS

Single sign-on (SSO) is a very hot topic. Businesses in every industry are eager to integrate legacy systems into newer applications, and SSO can alleviate the headaches users experience when trying to manage a long list of user names and passwords for various systems. Enter the Java Authentication and Authorization

Pocket This Decoder for WS-Alphabet Soup

The Web Services Interoperability organization (WSI) has developed a whole stable of standards upon which Web services commerce and communication can be executed securely. These standards are in great demand and many developers have already gotten their feet wet with a few of them out of sheer necessity. But it’s

Install OpenBSD to Secure Your Web Server

The OpenBSD team prides itself on producing one of the most, if not the most, secure operating systems in the world. If you are concerned about keeping the sensitive data within your organization protected, consider OpenBSD. As a member of the 4.4BSD-lite family of operating systems, OpenBSD sets itself apart by claiming

Security Vendor Pushes the Limits of Ethical Exploit Reporting

Some of the grubbiest ethical quandaries in IT never quite get resolved; we make progress, we debate, we set guidelines, but burying such issues for good, with accepted industry policy, is a hard-fought battle. In the meantime, IT practitioners are left in the lurch, trying to keep the menace of uncertainty at

Use SQLyog Tunneling for Secure MySQL Server Management

Most Web hosting providers block port 3306 (the MySQL server port) at the firewall to prevent outside access. As a result, many MySQL developers and administrators can’t access and manage their own MySQL servers remotely; they must use the Web-based interfaces that their ISPs provide. Although these Web-based tools generally
