Robert Hurlbut Blog

Thoughts on Software Security, Software Architecture, Software Development, and Agility

VSLive San Francisco 2006 - .NET 2.0 Security talk

Thursday, February 2, 2006 Comments

 .NET  ASP.NET  Personal  Security  Speaking 
Share:   Share on LinkedIn    Share on Twitter    Share on Facebook   

Yesterday's session on "Leveraging .NET 2.0 Security Features" went quite well. I have posted slides and code on my site here.

This was the first time I presented on the ideas of SecurityTransparency -- a new way of separating your code into SecurityTransparent (code which doesn't require privilege escalation) and SecurityCritical (code that requires a privilege escalation -- all .NET code is this now by default). A couple of good resources on this topic can be found here:

Someone at the session asked a question about ProtectedData and ProtectedMemory, two new methods to seamlessly use DPAPI to encrypt information locally. Unfortunately, it doesn't look like it is included in the Compact Framework 2.0, but ProtectedData is included in the OpenNETCF library (see ProtectedData).

Share:   Share on LinkedIn    Share on Twitter    Share on Facebook