Change page: < 1 2 3 4 5 6 7 8 9 10 11 12 >  |  Displaying page 9 of 12, items 321 to 360 of 444.
Infrastructure Security: The Application Level
Application or software security should be a critical element of your security program. Most enterprises with information security programs have yet to institute an application security program to address this realm.
Infrastructure Security: The Host Level
When reviewing host security and assessing risks, you should consider the context of cloud services delivery models (SaaS, PaaS, and IaaS) and deployment models (public, private, and hybrid).
Infrastructure Security: The Network Level
In the standard cancellation scenario, your task is passed a CancellationToken value from a higher layer of the application, such as the UI. In the case of a pipeline stage, you need to observe this cancellation token in two places.
.NET Components : Configuring Permissions
The .NET Configuration tool has a folder called Runtime Security Policy, which contains an item for each of the three policies that system administrators can use to mange code access security: Enterprise, Machine, and User. Each policy item has subfolders containing its code groups, permissions sets, and custom policy assemblies
The .NET Security Architecture
.NET component-oriented security is based on an elegant concept: using an administration tool, the system administrator grants assemblies certain permissions to perform operations with external entities such as the filesystem, the Registry, the user interface, and so on.
ASP.NET 4 in VB 2010 : Membership - Role-Based Security
The authentication examples you've examined so far provide an all-or-nothing approach that either forbids or allows a user. In many cases, however, an application needs to recognize different levels of users.
ASP.NET 4 in VB 2010 : The Security Controls
The basic membership features are a remarkable time-saver. They allow you to concentrate on programming your web application, without worrying about managing security and crafting the perfect database or user information. Instead, you can use the higher-level Membership and MembershipUser classes to do everything you need.
Security Fundamentals : Windows Authentication
When you use Windows authentication, you force users to log into IIS before they're allowed to access secure content in your website. The user login information can be transmitted in several ways (depending on the network environment, the requesting browser, and the way IIS is configured), but the end result is that the user is authenticated using a local Windows account.
Security Fundamentals : Forms Authentication
In old-fashioned ASP programming, developers had to create their own security systems. A common approach was to insert a little snippet of code at the beginning of every secure page.
Working with Assemblies : Overview of Security Changes in .NET 4.0
Assemblies contain code that is executed when you run the application. As for the operating system and for any development environment, code is executed according to security rules that prevent the code from unauthorized access to system resources.
Publishing ASP.NET Web Applications : MSDeploy Publish
One of the new features in deploying Web applications is the Microsoft Web Deployment Tool, also known as MSDeploy that is a command-line tool included in the .NET Framework 4 and which can build advanced deployment scripts
Configuring a Web Application for Security
The sample web application that was illustrated in the previous section has one important limitation: It can be accessed by anonymous users that can access important data.
Configure Windows Firewall with Advanced Security
Windows Firewall is installed and activated by default. How do you configure Windows Firewall to enhance security, and how do you customize Windows Firewall to work for your organization?
Understand Security Improvements in Windows Server 2008
You have installed Windows Server 2008 because you want to take advantage of the many improvements, including those in the area of security. How do you understand what improvements have been made to Windows Server 2008 security, and what do these improvements mean for your network?
Administering Code-Access Security: Using the .NET Framework Configuration Tool
The Permissions View tool (Permview.exe) allows you to view the declarative security statements used in an assembly. This is particularly useful when configuring security policy, as it allows you to view the permission requests contained in the assembly.
Inspecting Declarative Security Statements
The Permissions View tool (Permview.exe) allows you to view the declarative security statements used in an assembly. This is particularly useful when configuring security policy, as it allows you to view the permission requests contained in the assembly.
Securing Data from the DBA
Perhaps it is the increasing number of companies that outsource or offshore the DBA function, but I am regularly asked how to secure the data from the DBA who is in the sysadmin fixed server role.
SQL Server 2005 Data Protection
SQL Server 2005 introduces various methods to protect your data. As discussed throughout this chapter, data encryption uses a key to create nondeterministic ciphertext (encrypted data), which can only be decrypted with the appropriate encryption key
SQL Server 2005 Encryption Key Hierarchy
Each installation of SQL Server 2005 has a single service master key, which is created when you install SQL Server 2005. The service master key is used to protect linked server logins and credential secrets, and can be used to encrypt the database master key.
Default Security Policy
The configuration information for the enterprise, machine, and user policy levels is stored in separate files. Each file contains an XML description of the complete policy level including code groups, named permission sets, and fully trusted assemblies.
Security Policy Explained in .NET
Security policy is the set of configurable rules that provide a mapping between evidence and permissions. Specifically, the runtime uses security policy to determine which code-access permissions to grant an assembly or application domain based on the set of evidence that the assembly or application domain presents—a process known as policy resolution.
Permissions: Extending the .NET Framework
CAS is fully extensible and allows you to create your own permission classes that integrate with the security framework to provide capabilities equivalent to the standard permission classes. The creation of custom permissions is relatively straightforward.
Programming Code-Access Security
As a developer of applications, you will be interested in understanding the implementation and functionality of the standard permission classes, as well as how to make security requests to ensure that your application has the permissions it needs to execute.
Evidence and Code Identity: Extending the .NET Framework
The standard .NET evidence classes represent the most commonly available and useful characteristics of an assembly. For most situations, these classes provide enough reliable information from which to determine a unique identity for an assembly, enabling you to configure your security policy
Evidence Explained in .NET Security
Some types of evidence are inherent in the structure and content of an assembly, such as the assembly strong name, the hash value of the assembly's content, or the publisher certificate used to sign the assembly. Other types of evidence are determined at runtime, based on characteristics such as the web site or URL from where the assembly is loaded.
Introducing Code-Access Security in .NET
An important goal of the .NET Framework is to facilitate the development of highly distributed, component-based systems. With the .NET Framework, you can easily create applications that utilize code from different publishers, dynamically loading assemblies from different locations as required
Introducing Role-Based Security in .NET
The .NET Framework provides a generic role-based security mechanism to represent the identity and roles of the user on whose behalf code is running.
Managing Local Logon
All local computer accounts should have passwords. If an account is created without a password, anyone can log on to the account from the console, and there is no protection for the account. However, a local account without a password cannot be used to remotely access a computer.
Managing Stored Passwords in Vista
Windows Vista can store essential network and Web site passwords for the current user. These passwords are stored in an electronic key ring that provides easy logon to essential resources, wherever they might be located. If you find that a user frequently has problems logging on to password-protected resources, such as the company intranet or an external Internet site, you can create a key ring for that user.
Managing Local User Accounts and Groups in Vista
Local user accounts and groups are managed much like domain accounts. You can create accounts, manage their properties, reset accounts when they are locked or disabled, and so on. These and other tasks are examined in this section.
Working with File and Data Management Policies in Vista
Every system administrator should be familiar with file and data management policies, which affect the amount of data a user can store on systems, how offline files are used, and whether the System Restore feature is enabled. Policies that control disk quotas are applied at the system level.
Working with Access and Connectivity Policies in Vista
Many network policies are available. Network policies that control Internet Connection Sharing, Internet Connection Firewall, Windows Firewall, and Network Bridge are configured at the computer level. Network policies that control local area network (LAN) connections, Transmission Control Protocol/Internet Protocol (TCP/IP) configuration, and remote access are configured at the user level.
Working with Computer and User Script Policies in Vista
Policies that control script behavior are found under Computer Configuration\Administrative Templates\System\Scripts and User Configuration\Administrative Templates\System\Scripts. Through policy, you can control the behavior of startup, shutdown, logon, and logoff scripts.
Working with Logon and Startup Policies in Vista
Windows Vista provides a set of policies to control the logon process, some of which allow you to configure the way programs run at logon. This makes them similar to logon scripts, in that you can execute specific tasks at logon. Other policies change the view in the welcome and logon screens.
Controlling Access to Files and Folders with NTFS Permissions
In Windows Vista, the owner of a file or a folder has the right to allow or deny access to that resource, as do members of the Administrators group and other authorized users. Using Windows Explorer, you can view the currently assigned basic permissions by right-clicking a file or a folder, selecting Properties on the shortcut menu, and then selecting the Security tab in the Properties dialog box.
Sharing Files and Folders Over the Network in Vista
Windows Vista supports two file sharing models: public file sharing and standard file sharing. Although either or both techniques can be used in both workgroups and domains, standard file sharing is preferred because it is more secure than public file sharing.
Using and Configuring Public Folder Sharing
Public folder sharing is designed to enable users to share files and folders from a single location. It enables users to quickly determine everything they've publicly shared with others and organize publicly shared files by type. In this section, I'll examine how public folder sharing works and how public folder sharing can be configured.
Customizing the Browser User Interface
The Internet Explorer user interface can be customized for your organization using the Browser User Interface policies in Group Policy. These policies enable you to add custom titles to the title bar, custom logos that replace the Internet Explorer logo, and custom toolbars that add to or replace the existing toolbar.
Setting Default Internet Programs
You can set default Internet programs using the Programs tab of the Internet Properties dialog box or through Group Policy. The procedures are very similar. To set default programs through Group Policy, follow these steps:
Managing Connection and Proxy Settings
Internet connection settings and proxies can be two of the biggest problems for administrators. When you deploy new computers, you must configure the connection and proxy settings manually or rely on an image build of a machine that might not be up to date. When you make changes to the network, you might need to update the connection settings as well.
Top 10
Free Mobile And Desktop Apps For Accessing Restricted Websites
TOYOTA CAMRY 2; 2.5 : Camry now more comely
KIA SORENTO 2.2CRDi : Fuel-sipping slugger
How To Setup, Password Protect & Encrypt Wireless Internet Connection
Emulate And Run iPad Apps On Windows, Mac OS X & Linux With iPadian
Backup & Restore Game Progress From Any Game With SaveGameProgress
Generate A Facebook Timeline Cover Using A Free App
New App for Women ‘Remix’ Offers Fashion Advice & Style Tips
SG50 Ferrari F12berlinetta : Prancing Horse for Lion City's 50th
- Messages forwarded by Outlook rule go nowhere
- Create and Deploy Windows 7 Image
- How do I check to see if my exchange 2003 is an open relay? (not using a open relay tester tool online, but on the console)
- Creating and using an unencrypted cookie in ASP.NET
- Directories
- Poor Performance on Sharepoint 2010 Server
- SBS 2008 ~ The e-mail alias already exists...
- Public to Private IP - DNS Changes
- Send Email from Winform application
- How to create a .mdb file from ms sql server database.......
programming4us programming4us