| Windows Server 2008 : Examining File-Level Security |
| The latest revision of the NT File System (NTFS) is used in Windows Server 2008 R2 to provide for file-level security in the operating system. Each object that is referenced in NTFS, which includes files and folders, is marked by an access control entry (ACE) that physically limits who can and cannot access a resource. |
|
| Server 2008 : Hardening Server Security |
| Depending on the size of an organization, a server might be designated for one or multiple network roles. In an ideal world, a separate server or servers would be designated to handle a single role, such as DHCP server or DNS server. |
|
| Server 2008 : Using the Integrated Windows Firewall with Advanced Security |
| The firewall with advanced security is fully integrated with the Server Manager utility and the Server Roles Wizard. For example, if an administrator runs the Server Roles Wizard and chooses to make the server a file server, only then are those ports and protocols that are required for file server access opened on the server. |
|
| Server 2008 : Deploying Physical Security |
| One of the most overlooked but perhaps most critical components of server security is the actual physical security of the server itself. The most secure, unbreakable web server is powerless if a malicious user can simply unplug it. |
|
|
|
|
|
|
|
|
|
| Programming .NET Security : Programming Asymmetrical Encryption |
| The .NET Framework takes the same approach to representing asymmetric algorithms as it does for symmetric algorithms and hashing algorithms; abstract classes extend the System.Security.Cryptography.AsymmetricAlgorithm class for each of the supported algorithms. |
|
|
|
|
|
|
|
|
|
|
|
| Programmatic Security (part 3) - Permission Attributes |
| All security permission classes have equivalent attribute classes. You can apply the security attributes instead of programmatically creating a permission class and demanding a stack walk or installing a stack-walk modifier. |
|
|
|
| Programmatic Security (part 1) - The Permission Classes |
| Although for the most part administrative security configuration is sufficient, .NET also provides various programmatic ways to control and enforce security. You can use these powerful techniques to tighten security, optimize performance, handle unknown security policies, and deal with questionable components |
|
|
|
|
|
| Programming Symmetrical Encryption (part 1) |
| The .NET Framework takes the same basic approach to defining symmetric algorithms; abstract classes extend the System.Security.Cryptography.SymmetricAlgorithm class for each of the supported algorithms |
|
| Programming .NET Security : Symmetric Encryption Explained (part 3) |
| Most messages do not divide neatly into the fixed-size blocks required by the cipher function, and there is usually a partial data block left over at the end. The cipher function cannot process partial blocks, and the algorithm adds "padding" to the leftover data to create a complete block. |
|
|
|
|
|
|
|
| Hashing Algorithms: Extending the .NET Framework (part 1) |
| The Adler32 algorithm generates a 32-bit hash code and is included as part of GZIP-compressed files to guard against inadvertent modification (for example, errors introduced in copying a compressed file over a network connection). |
|
| Programming Keyed Hashing Algorithms |
| The .NET Framework has a much more direct model for representing keyed hashing algorithms. There are no abstract classes for different algorithms, meaning that there can be only one implementation of each keyed algorithm. |
|
|
|
|
|
|
|
|
|
|
|
|
|
| Programming .NET Security : Hashing Algorithms Explained |
| A hashing algorithm creates a hash code, also called a "message digest" or "message fingerprint." Hash codes are of limited use for communications security, because Eve can replace both the hash code and the message that Bob receives, but they are an essential element of digital signatures. |
|
| Programming .NET Security : Cryptography Explained (part 2) |
| Integrity becomes an issue when Alice wants to send a message to Bob but is concerned that Eve will tamper with the message and change the contents. In this case, Alice does not care if Eve can read the message—she only wants to make sure that Bob can detect any changes made by Eve. |
|
|
|
| .NET security : Administering Isolated Storage |
| You can use both the .NET Framework Configuration tool (Mscorcfg.msc) and the Code Access Security Policy tool (Caspol.exe) to administer security policy to grant access to isolated storage |
|
| .NET security : Programming Isolated Storage |
| Isolated storage is simple to use and requires knowledge of relatively few classes. The most important class is System.IO.IsolatedStorage.IsolatedStorageFile. IsolatedStorageFile objects represent individual stores and provide methods to manage the files and directories contained within the stores, as well as properties to access information, such as the store's isolation scope, current size, and maximum size |
|
| .NET security : Isolated Storage Explained |
| Many applications need to write data to a persistent store so that it's available each time the application runs. Data, such as user preferences and application state, is generally user-specific and needs to be stored in such a way that other users, and possibly other applications, cannot access and modify it. |
|
| Programming Role-Based Security |
| In your applications, you protect functionality by making role-based security demands that specify the identity or role that the thread's principal must contain. If the thread's principal does not contain the demanded identity and role, then the demand causes an exception. |
|
| Role-Based Security Explained |
| Role-based security (RBS) is a common security model in contemporary computing. When users wish to access a computer system, they must first prove their identity—a process known as authentication. |
|
