Developers are frequently attempting to build authentication and session management systems. But doing it correctly and securely is hard. We'll look at some of the more prevalent areas where thin...
Security is an essential part of an application and it should be taken into consideration from the grass root level from an application’s design. Security is all about protecting your assets from u...
The OWASP Top Ten provides a powerful awareness for web application security. In this article is the top 10 security risks listed by OWASP 2013.
This application an be used to encrypt a text message using AES encryption as well as send it to the person whose email is provided. This could be used as the security software for any of us. But t...
This article describes a simple approach to determining whether or not a logged in user is a member of a group within the context of a desktop application. The approach shown relies upon the use o...
In a certain cases, metadata embedded within your configuration file is sensitive. In fact, imagine that you develop an application that uses a data base as data source; all information about this ...
To run the excel report, security settings are required for excel application because while working with the excel application we are going to use some of the classes for manipulating the data insi...
In this article, I will propose a method of how to encrypt data and store it using symmetric algorithms whose are, in fact, four integrated classes within the .Net framework, namely DES,RC2,Rijnda...
This article highlights some of the key concepts of .NET Security like Code Access Security, Evidence based Security and many more.
This article is intended to explore the provider pattern in the context of a membership provider.
Authentication is a very important element of developing secure sites. It is the starting point of a secure environment for the protected resources. I have discussed several authentication mechanis...
Gayan Peiris May 07, 2003 Developing security for a site is like paying tax. You know it should be done at the end of financial year. But you keep it for the last and some time expect you should never have to do it. It is a...
Gayan Peiris Mar 04, 2003 .NET Sql Authorization Manager (AzMan x .NET 2.0) allows you to set Item-based permissions for Authorization Manager-enabled Microsoft.NET 2.0 applications. Storage reside on a MS Sql Server DataBa...
Part-I and II of this article discussed the basics of cryptography and its applications in real world enterprise solutions. Part-I discussed the nitty-gritty of encryption and its implementation in...
Microsoft .NET has pre-built solutions to all of these in each application domain, viz., ASP. NET, Web Services, Serviced Component etc. It enables building secured application by simple configurat...
In some applications, it might be necessary to extract the modulus and exponent from the X509Certificate PublicKey. The X509Certificate.GetPublicKey() returns a byte array that contains the ASN.1 E...
Assert is a security action that is evaluated at run time. Code Access Permission classes and Permission Sets support a method called Assert. Using the Assert method to control access to resources ...
Chris Rausch Apr 25, 2001 In this article I will show you how you can view the Code Groups that an assembly belongs to and what permissions belong to the assembly. I will demonstrate the Caspol utility supplied with the .NE...
Chris Rausch May 02, 2001 Versioning in the Microsoft .NET Framework is managed at the assembly level and is only used when locating strong-named assemblies. By default, the common language runtime loads the assembly whose ...
Code Access Security represents a fundamentally different way of controlling access rights to protected resources. Traditionally, permissions such as access to the file system, databases or network...