Hernan de Lahitte's blog
.NET Development from the trenches
Sign in
|
Join
Home
Contact
About
RSS
Atom
Comments RSS
Search
Tags
.NET General
Architecture
EDRA (Shadowfax)
Forms Authentication
GAT
MBI 3
Patterns & Practices
Security
Web Services
WSSF
News
Visit these related links:
Digit Factory S.R.L.
Patterns & Practices
Web Service Software Factory: Modeling Edition
ESB Guidance
Navigation
Home
Blogs
Archives
September 2009 (1)
July 2009 (2)
June 2009 (4)
May 2009 (2)
April 2009 (7)
December 2008 (1)
November 2008 (1)
September 2008 (1)
July 2008 (1)
June 2008 (2)
March 2008 (1)
January 2007 (1)
November 2006 (1)
October 2006 (1)
May 2006 (1)
December 2005 (2)
November 2005 (2)
September 2005 (1)
August 2005 (1)
June 2005 (2)
May 2005 (3)
March 2005 (1)
February 2005 (1)
January 2005 (1)
December 2004 (1)
November 2004 (2)
October 2004 (1)
September 2004 (1)
August 2004 (3)
July 2004 (4)
June 2004 (6)
May 2004 (3)
April 2004 (4)
March 2004 (8)
February 2004 (3)
Books
Writing Secure Code, Second Edition
.NET Framework Security
Security Engineering...
Newsgroups
About .NET security.
ASP.NET security.
Others
Disclaimer
Author Bio
Security
Security Developer Center
Building Secure ASP.NET Applications
Threats and Countermeasures
.NET Framework Security
Writing Secure Code
Keith Brown's web site
NCrypto project
Security Tools
July 2004 - Posts
7
Comments
Storing Sensitive Data in Config Files
by
HernanDL
Many people usually ask how they can store sensitive data in configuration files. Configuration files are definitely a bad place to store sensitive data like user credentials or connection strings. Here and here you will find some guidelines about storing...
Filed under:
Security
17
Comments
Forms authentication and role-based security
by
HernanDL
In a recent post about Forms Authentication and Roles that showed the way to improve performance when you have to fetch the roles info on each page hit, some people note that the proposed solution suffered from the cookie size limit and the approach was...
Filed under:
Security
,
Forms Authentication
0
Comments
My Laptop Got Altitude Illness
by
HernanDL
This week I flew to La Paz (Bolivia) to give consulting services to one of our customers. As you may know, La Paz is the highest capital city in the world (almost 12.000 ft / 3600 m). It’s a wonderful city but if you live in a city at the sea level (like...
Filed under:
.NET General
11
Comments
SecureString in NET v1.1
by
HernanDL
Every time you need to store sensitive data your first thought use to be encryption. You probably gather that data from the store, decrypt it and put it on a managed string in order to be consumed by some API (ie. ConnectionStrings properties and the...
Filed under:
Security
More Posts