Security - Web and Cloud

Browse by Tags

All Tags » Security (RSS)

Windows Azure Root Certificate Migration by Windows Azure

As part of our ongoing commitment to security we are making a change to our SSL certificate chain that will require a small number of customers to take action before April 15 th , 2013. Windows Azure currently uses the GTE CyberTrust Global Root and beginning...

Filed under: Security, Windows Azure

Windows Azure now supports federation with Windows Server Active Directory by Windows Azure

Yesterday we shared that Windows Azure Active Directory (AD) has processed 200 BILLION authentications . Today I’m excited to share some great identity-related improvements we’ve made to Windows Azure that leverage the capabilities of Windows...

Filed under: Azure, Security, Active Directory, Announcements, Office 365

Security, Privacy & Compliance Update: Availability of SSAE 16 / ISAE 3402 Attestation by Windows Azure

In April 2012, we launched Windows Azure Trust Center (WATC) with the goal of providing customers and partners with easier access to regulatory compliance information. We indicated that WATC would be updated on a regular basis with additional compliance...

Filed under: Security, Windows Azure, compliance, Privacy, Announcements

Windows Azure Trust Center Launched by Windows Azure

In Dec 2011, we announced that Windows Azure obtained ISO 27001 certification for its core features. Today, we are launching Windows Azure Trust Center with the goal of providing customers and partners with easier access to regulatory compliance information...

Filed under: Security, Windows Azure, compliance, Privacy, Announcements, certifications, ISO

Learn Best Practices for Building Secure Applications in Windows Azure in New Blog Series, “Windows Azure Security Best Practices” by Windows Azure

Bruce D. Kyle has posted a great series, “Windows Azure Security Best Practices” on the ISV Developer Community Blog , providing a look into how you can secure your application in Windows Azure . This seven-part series describes the threats...

Filed under: Security, Windows Azure, Developers

ASP.NET Security Update Shipping Thursday, Dec 29th by ScottGu's Blog

A few minutes ago Microsoft released an advance notification security bulletin announcing that we are releasing an out-of-band security update to address an ASP.NET Security Vulnerability . The security update we are releasing resolves a publicly disclosed...

Filed under: ASP.NET, Community News, .NET, Security

Claims Identity Guide–Hands On Labs by Eugenio Pace

Training content based on our guides has been as popular as the content itself. You can now download the “Release Candidate” for labs corresponding to the new guide . The labs are more than just a mirror of the guide. We took the opportunity of adding...

Filed under: Security, Access Control Service, Federated Identity, Claims, Identity, Geneva, ADFS, SSO, Federation Provider, Identity Provider, WebSSO, Claims Guide, ACS, claims transformation

Using IIS Express to Secure Silverlight and WCF Applications by Dan Wahlin's WebLog

I’ve been using IIS Express lately with Silverlight and WCF services and have learned to appreciate the “real-world” advantage it gives you versus the built-in Visual Studio “Cassini” server. Although I’ve always preferred to use IIS whenever possible...

Filed under: .NET, Silverlight, WCF, Security, IISExpress

Integrating Security Roles into Silverlight Applications–TechEd 2011 Talk by Dan Wahlin's WebLog

I had the opportunity to give a talk at TechEd 2011 about integrating security roles, user names, etc. into Silverlight applications which is always a fun experience. Because Silverlight runs in a sandbox and doesn’t have direct access to the IPrincipal...

Filed under: Silverlight, WCF, Security, Architecture, TechEd

SQL Azure Connection Security by SQL Azure Team Blog

Selcin Turkarslan has written an in-depth TechNet wiki article about connection security considerations when using SQL Azure. The article is primarily concerned with writing secure connection strings for SQL Azure Database. I’d highly recommend...

Filed under: Security, SQL Azure

Using PDO::quote with Parameterized Queries by The Official Microsoft IIS Site

I spent some time last week investigating a puzzling issue raised in the SQL Server Driver for PHP forums: Need help with PDO::quote() and PDOStatement::bindValue and PDO::execute using new SQLSRVR 2.0 driver . At the heart of the issue was this question...

Filed under: Security, SQL Server Driver for PHP, PDO

Storing Encrypted Data in Windows Azure by Windows Azure

As companies weigh the benefits of moving their data, processes, and systems to the cloud-from reduced infrastructure costs to rapid, success-based scaling-security is a perennial concern. Executives want to know: How will we protect our company's...

Filed under: Security, Windows Azure customers

Working with User Names and Roles in Silverlight Applications by Dan Wahlin's WebLog

Security is a key component of applications and something that developers often struggle with to get right. How do you authenticate a user? How do you integrate roles and use them to show or hide different parts of a screen? These and other questions...

Filed under: .NET, Silverlight, WCF, C#, Security, MVVM

Do Stored Procedures Protect Against SQL Injection? by The Official Microsoft IIS Site

When I’ve asked people about their strategies for preventing SQL injection, one response is sometimes “I use stored procedures.” But, stored procedures do not , by themselves, necessarily protect against SQL injection . The usefulness...

Filed under: Security, SQL Injection

ASP.NET Security Fix Now on Windows Update by ScottGu's Blog

Earlier this week I blogged about the availability of a patch on the Microsoft Download Center to fix the recent ASP.NET Security Vulnerability. Today we also made it possible to update systems through Windows Update (WU) and Windows Server Update Services...