Search Results

Search found 3707 results on 149 pages for 'secure'.

Page 47/149 | < Previous Page | 43 44 45 46 47 48 49 50 51 52 53 54  | Next Page >

  • White Paper: Internet Explorer 8 and the Security Development Lifecycle

    Creating a functional and more secure Web browser is a tremendous challenge that all browser vendors face. Learn how Microsoft has confronted this challenge by proactively embedding security into every stage of the Windows Internet Explorer 8 software engineering process with the Security Development Lifecycle (SDL)....Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

    Read the article

  • Windows' Boll Weevil problem

    <b>Sure, it's Secure:</b> "When your earnings depend on one fragile system--whether it's Windows running all your computers or one cash crop--you're always one devastating bug away from disaster."

    Read the article

  • Common Areas For Securing Web Services

    The only way to truly keep a web service secure is to host it on a web server and then turn off the server. In real life no web service is 100% secure but there are methodologies for increasing the security around web services. In order for consumers of a web service they must adhere to the service’s Service-Level Agreement (SLA).  An SLA is a digital contract between a web service and its consumer. This contract defines what methods and protocols must be used to access the web service along with the defined data formats for sending and receiving data through the service. If either part does not abide by the contract then the service will not be accessible for consumption. Common areas for securing web services: Universal Discovery Description Integration  (UDDI) Web Service Description Language  (WSDL) Application Level Network Level “UDDI is a specification for maintaining standardized directories of information about web services, recording their capabilities, location and requirements in a universally recognized format.” (UDDI, 2010) WSDL on the other hand is a standardized format for defining a web service. A WSDL describes the allowable methods for accessing the web service along with what operations it performs. Web services in the Application Level can control access to what data is available by implementing its own security through various methodologies but the most common method is to have a consumer pass in a token along with a system identifier so that they system can validate the users access to any data or actions that they may be requesting. Security restrictions can also be applied to the host web server of the service by restricting access to the site by IP address or login credentials. Furthermore, companies can also block access to a service by using firewall rules and only allowing access to specific services on certain ports coming from specific IP addresses. This last methodology may require consumers to obtain a static IP address and then register it with the web service host so that they will be provide access to the information they wish to obtain. It is important to note that these areas can be secured in any combination based on the security level tolerance dictated by the publisher of the web service. This being said, the bare minimum security implantation must be in the Application Level within the web service itself. Typically I create a security layer within a web services exposed Internet that requires a consumer identifier and a consumer token. This information is then used to authenticate the requesting consumer before the actual request is performed. Refernece:UDDI. (2010). Retrieved 11 13, 2011, from LooselyCoupled.com: http://www.looselycoupled.com/glossary/UDDIService-Level Agreement (SLA). (n.d.). Retrieved 11 13, 2011, from SearchITChannel: http://searchitchannel.techtarget.com/definition/service-level-agreement

    Read the article

  • Oracle's Integrated Systems Management and Support Experience

    - by Scott McNeil
    With its recent launch, Oracle Enterprise Manager 11g introduced a new approach to integrated systems management and support. What this means is taking both areas of IT management and vendor support and combining them into one integrated comprehensive and centralized platform. Traditional Ways Under the traditional method, IT operational teams would often focus on running their systems using management tools that weren’t connected to their vendor’s support systems. If you needed support with a product, administrators would often contact the vendor by phone or visit the vendor website for support and then log a service request in order to fix the issues. This method was also very time consuming, as administrators would have to collect their software configurations, operating systems and hardware settings, then manually enter them into an online form or recite them to a support analyst on the phone. For the vendor, they had to analyze all the configuration data to recreate the problem in order to solve it. This approach was very manual, uncoordinated and error-prone where duplication between the customer and vendor frequently occurred. A Better Support Experience By removing the boundaries between support, IT management tools and the customer’s IT infrastructure, Oracle paved the way for a better support experience. This was achieved through integration between Oracle Enterprise Manager 11g and My Oracle Support. Administrators can not only manage their IT infrastructure and applications through Oracle Enterprise Manager’s centralized console but can also receive proactive alerts and patch recommendations right within the console they use day-in-day-out. Having one single source of information saves time and potentially prevents unforeseen problems down the road. All for One, and One for All The first step for you is to allow Oracle Enterprise Manager to upload configuration data into Oracle’s secure configuration repository, where it can be analyzed for potential issues or conflicts for all customers. A fix to a problem encountered by one customer may actually be relevant to many more. The integration between My Oracle Support and Oracle Enterprise Manager allows all customers who may be impacted by the problem to receive a notification about the fix. Once the alert appears in Oracle Enterprise Manager’s console, the administrator can take his/her time to do further investigations using automated workflows provided in Oracle Enterprise Manager to analyze potential conflicts. Finally, administrators can schedule a time to test and automatically apply the fix to all the systems that need it. In the end, this helps customers maintain their service levels without compromise and avoid experiencing unplanned downtime that may result from potential issues or conflicts. This new paradigm of integrated systems management and support helps customers keep their systems secure, compliant, and up-to-date, while eliminating the traditional silos between IT management and vendor support. Oracle’s next generation platform also works hand-in-hand to provide higher quality of service to business users while at the same time making life for administrators less complicated. For more information on Oracle’s integrated systems management and support experience, be sure to visit our Oracle Enterprise Manager 11g Resource Center for the latest customer videos, webcast, and white papers.

    Read the article

  • How to avoid email reply from my web site being marked as spam? [closed]

    - by Eric
    Possible Duplicate: How could I prevent my mail from being recognized as spam? Here's the situation: Customer fills out inquiry form on web site That inquiry goes to person X Person X goes to my web site (mysite.com) and presses some keys and the customer gets an email from [email protected] Here's my question: how can I be sure the email from [email protected] always gets through to the customer? Can I help it along by using SPF or some other secure email framework/solution? Thank you-- E

    Read the article

  • [GEEK SCHOOL] Network Security 7: Using the Action Center for Extra Security and Maintenance

    - by Ciprian Rusen
    In this lesson we will talk about another lesser-known security tool in Windows – the “Action Center”. This tool that has an impact on both how secure your system is and how well it is running from a maintenance perspective. The Action Center first made its appearance all the way back in Windows XP as the “Windows Security Center” and was such through Vista until being renamed in Windows 7.Click Here to Continue Reading

    Read the article

  • Christmas Captured with LEGO Star Wars

    - by Jason Fitzpatrick
    Combine the mini figures and modules from a LEGO Star Wars Advent Calendar with some creative photography, and you’ve got yourself a recipe for this some rather fun Star Wars-themed Christmas photos. LEGO Star Wars Advent Calendar Photos [Flickr via Boing Boing] Secure Yourself by Using Two-Step Verification on These 16 Web Services How to Fix a Stuck Pixel on an LCD Monitor How to Factory Reset Your Android Phone or Tablet When It Won’t Boot

    Read the article

  • Integration Patterns with Azure Service Bus Relay, Part 3: Anonymous partial-trust consumer

    - by Elton Stoneman
    This is the third in the IPASBR series, see also: Integration Patterns with Azure Service Bus Relay, Part 1: Exposing the on-premise service Integration Patterns with Azure Service Bus Relay, Part 2: Anonymous full-trust .NET consumer As the patterns get further from the simple .NET full-trust consumer, all that changes is the communication protocol and the authentication mechanism. In Part 3 the scenario is that we still have a secure .NET environment consuming our service, so we can store shared keys securely, but the runtime environment is locked down so we can't use Microsoft.ServiceBus to get the nice WCF relay bindings. To support this we will expose a RESTful endpoint through the Azure Service Bus, and require the consumer to send a security token with each HTTP service request. Pattern applicability This is a good fit for scenarios where: the runtime environment is secure enough to keep shared secrets the consumer can execute custom code, including building HTTP requests with custom headers the consumer cannot use the Azure SDK assemblies the service may need to know who is consuming it the service does not need to know who the end-user is Note there isn't actually a .NET requirement here. By exposing the service in a REST endpoint, anything that can talk HTTP can be a consumer. We'll authenticate through ACS which also gives us REST endpoints, so the service is still accessed securely. Our real-world example would be a hosted cloud app, where we we have enough room in the app's customisation to keep the shared secret somewhere safe and to hook in some HTTP calls. We will be flowing an identity through to the on-premise service now, but it will be the service identity given to the consuming app - the end user's identity isn't flown through yet. In this post, we’ll consume the service from Part 1 in ASP.NET using the WebHttpRelayBinding. The code for Part 3 (+ Part 1) is on GitHub here: IPASBR Part 3. Authenticating and authorizing with ACS We'll follow the previous examples and add a new service identity for the namespace in ACS, so we can separate permissions for different consumers (see walkthrough in Part 1). I've named the identity partialTrustConsumer. We’ll be authenticating against ACS with an explicit HTTP call, so we need a password credential rather than a symmetric key – for a nice secure option, generate a symmetric key, copy to the clipboard, then change type to password and paste in the key: We then need to do the same as in Part 2 , add a rule to map the incoming identity claim to an outgoing authorization claim that allows the identity to send messages to Service Bus: Issuer: Access Control Service Input claim type: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier Input claim value: partialTrustConsumer Output claim type: net.windows.servicebus.action Output claim value: Send As with Part 2, this sets up a service identity which can send messages into Service Bus, but cannot register itself as a listener, or manage the namespace. RESTfully exposing the on-premise service through Azure Service Bus Relay The part 3 sample code is ready to go, just put your Azure details into Solution Items\AzureConnectionDetails.xml and “Run Custom Tool” on the .tt files.  But to do it yourself is very simple. We already have a WebGet attribute in the service for locally making REST calls, so we are just going to add a new endpoint which uses the WebHttpRelayBinding to relay that service through Azure. It's as easy as adding this endpoint to Web.config for the service:         <endpoint address="https://sixeyed-ipasbr.servicebus.windows.net/rest"                   binding="webHttpRelayBinding"                    contract="Sixeyed.Ipasbr.Services.IFormatService"                   behaviorConfiguration="SharedSecret">         </endpoint> - and adding the webHttp attribute in your endpoint behavior:           <behavior name="SharedSecret">             <webHttp/>             <transportClientEndpointBehavior credentialType="SharedSecret">               <clientCredentials>                 <sharedSecret issuerName="serviceProvider"                               issuerSecret="gl0xaVmlebKKJUAnpripKhr8YnLf9Neaf6LR53N8uGs="/>               </clientCredentials>             </transportClientEndpointBehavior>           </behavior> Where's my WSDL? The metadata story for REST is a bit less automated. In our local webHttp endpoint we've enabled WCF's built-in help, so if you navigate to: http://localhost/Sixeyed.Ipasbr.Services/FormatService.svc/rest/help - you'll see the uri format for making a GET request to the service. The format is the same over Azure, so this is where you'll be connecting: https://[your-namespace].servicebus.windows.net/rest/reverse?string=abc123 Build the service with the new endpoint, open that in a browser and you'll get an XML version of an HTTP status code - a 401 with an error message stating that you haven’t provided an authorization header: <?xml version="1.0"?><Error><Code>401</Code><Detail>MissingToken: The request contains no authorization header..TrackingId:4cb53408-646b-4163-87b9-bc2b20cdfb75_5,TimeStamp:10/3/2012 8:34:07 PM</Detail></Error> By default, the setup of your Service Bus endpoint as a relying party in ACS expects a Simple Web Token to be presented with each service request, and in the browser we're not passing one, so we can't access the service. Note that this request doesn't get anywhere near your on-premise service, Service Bus only relays requests once they've got the necessary approval from ACS. Why didn't the consumer need to get ACS authorization in Part 2? It did, but it was all done behind the scenes in the NetTcpRelayBinding. By specifying our Shared Secret credentials in the consumer, the service call is preceded by a check on ACS to see that the identity provided is a) valid, and b) allowed access to our Service Bus endpoint. By making manual HTTP requests, we need to take care of that ACS check ourselves now. We do that with a simple WebClient call to the ACS endpoint of our service; passing the shared secret credentials, we will get back an SWT: var values = new System.Collections.Specialized.NameValueCollection(); values.Add("wrap_name", "partialTrustConsumer"); //service identity name values.Add("wrap_password", "suCei7AzdXY9toVH+S47C4TVyXO/UUFzu0zZiSCp64Y="); //service identity password values.Add("wrap_scope", "http://sixeyed-ipasbr.servicebus.windows.net/"); //this is the realm of the RP in ACS var acsClient = new WebClient(); var responseBytes = acsClient.UploadValues("https://sixeyed-ipasbr-sb.accesscontrol.windows.net/WRAPv0.9/", "POST", values); rawToken = System.Text.Encoding.UTF8.GetString(responseBytes); With a little manipulation, we then attach the SWT to subsequent REST calls in the authorization header; the token contains the Send claim returned from ACS, so we will be authorized to send messages into Service Bus. Running the sample Navigate to http://localhost:2028/Sixeyed.Ipasbr.WebHttpClient/Default.cshtml, enter a string and hit Go! - your string will be reversed by your on-premise service, routed through Azure: Using shared secret client credentials in this way means ACS is the identity provider for your service, and the claim which allows Send access to Service Bus is consumed by Service Bus. None of the authentication details make it through to your service, so your service is not aware who the consumer is (MSDN calls this "anonymous authentication").

    Read the article

  • Is syncing private keys a good idea?

    - by Jacob Johan Edwards
    Ubuntu One's Security FAQ indicates that Canonical encrypts connections and restricts access to user data. This all well and fine, and I do trust SSL for online banking and other things more valuable than my private keys. That said, I am quite anxious about putting my ~/.ssh/id_dsa up in the cloud. Obviously, no system is totally secure. Could some knowledgeable party, then, pragmatically quantify the risks?

    Read the article

  • Transformation of Client/Server application to Windows Azure

    - by Visual WebGui
    Overview The economics of IT is changing rapidly, and organizations are searching to widen and secure availability of their systems and at the same time lower costs. The cloud concept was introduced to allow an IT consumption model where there is always as much computing power as needed when needed ('on-demand') and without having to invest in connectivity, servers, database access, storage space, CPU power and other infrastructure needs, just as we consume electricity. Running your systems on Microsoft...(read more)

    Read the article

  • links for 2011-02-21

    - by Bob Rhubart
    Calling all enterprise architects | Enterprise architecture - InfoWorld Nominations are now open for the 2011 InfoWorld Enterprise Architecture Award, honoring companies whose enterprise architecture initiatives made a difference (tags: ping.fm) Red Tape, Part II : OTN Garage "How do you back up all of that storage? Tape: really fast tape. And, lots of it. This creates a whole variety of very interesting challenges today, elevating the topic to – at the very least – glamorous, but I think it qualifies as being downright hot!" - Kemer Thomson (tags: oracle entarch datastorage) The Buttso Blathers: Using Secure Config Files with the WebLogic Maven Plugin "WebLogic Server has long had a mechanism to provide a more secure way of connecting to the Administration Server from client utilities such that the username and password do not need to be specified and therefore can’t be seen from the process list or command shell history." (tags: oracle weblogic) World-class EA | Open Group Blog "World-class Enterprise Architecture is all about creating definitive collateral that defines how the architecture delivers value for societal value." - Mick Adams (tags: enterprisearchitecture entarch opengroup) Enterprise Process Maps: A Process Picture worth a Million Words (Telecommunications Architecture Corner) "Every BPM project (holistic BPM kick-off, enterprise system implementation, Service-oriented Architecture, business process transformation, corporate performance management, etc.) should be begin with a clear understanding of the business environment..." - Raul Goycoolea (tags: oracle otn telecommunications businessprocess entarch bpm) Andrejus Baranovskis's Blog: WebCenter PS3 Customization Manager- Long Awaited Feature for MDS Oracle ACE Director Andrejus Baranovski shares "really great news for those of you who are working on MDS personalization and customization support in Oracle Fusion Middleware applications." (tags: oracle otn oracleace webcenter enterprise2.0) Oracle WebCenter: Common User Experience Architecture (Oracle Enterprise 2.0 Blog) Kellsey Ruppel describes "how the new release of Oracle WebCenter delivers a Common User Experience Architecture." (tags: oracle otn webcenter enterprise2.0) Java / Oracle SOA blog: Do your SOA deployments & configuration with AIA Oracle ACE Edwin Biemond illustrates the use of the SOA Suite / FMW deployment framework, "one of the Application Integration Architecture (AIA) hidden gems." (tags: oracle oracleace soa otn fusionmiddleware) Enterprise Software Development with Java: Clustering Stateful Session Beans with GlassFish 3.1 Oracle ACE Director Markus Eisele describes what he did "to get a Stateful Session Bean failover scenario working with two instances on one node." (tags: oracle otn oracleace glassfish) Enhanced REST Support in Oracle Service Bus 11gR1 (SOA Thinker) Jeff Davies illustrates how to re-implement the REST-ful Products services using query strings for passing parameter information. (tags: oracle otn soa REST)

    Read the article

  • Does Hard Drive Orientation Affect Its Lifespan?

    - by Jason Fitzpatrick
    Many cases allow you to mount drives in vertical or horizontal configurations and external drives can be easily repositioned. Does the orientation of the hard drive affect the performance and longevity of the drive? Today’s Question & Answer session comes to us courtesy of SuperUser—a subdivision of Stack Exchange, a community-drive grouping of Q&A web sites. 6 Ways Windows 8 Is More Secure Than Windows 7 HTG Explains: Why It’s Good That Your Computer’s RAM Is Full 10 Awesome Improvements For Desktop Users in Windows 8

    Read the article

  • The Chemistry of Snowflakes [Video]

    - by Jason Fitzpatrick
    Snowflakes start out as tiny bits of dust high in the atmosphere and end up drifting down to us as intricate water crystals. Check out this video to see the process start to finish. Courtesy of the American Chemical Society and Bytesize Science, we’re treated to a well explained and illustrated journey from the beginning of the snowflake formation process until the end. [via Neatorama] How to Access Your Router If You Forget the Password Secure Yourself by Using Two-Step Verification on These 16 Web Services How to Fix a Stuck Pixel on an LCD Monitor

    Read the article

  • Don't trust that Web Address!

    <b>Sure, It's Secure:</b> "In the last 24-hours, I received e-mails about March Madness, Sandra Bullock's hubby, and Michael Jackson's estate and every one of them contained a link to malware."

    Read the article

  • Friday Fun: Artillery Rush

    - by Asian Angel
    This week’s game pits you against an enemy army as you work to either defend or invade based on your choice of army. Will your cannon’s aim be true as you seek to take out the enemy forces or will your campaign end in defeat? 6 Ways Windows 8 Is More Secure Than Windows 7 HTG Explains: Why It’s Good That Your Computer’s RAM Is Full 10 Awesome Improvements For Desktop Users in Windows 8

    Read the article

  • I installed the Nautilus Actions Configuration utility but I don't have the action configuration menu option

    - by userman
    I am tyring to set up my trash to securely delete items and I am following the instructions on this page. http://techthrob.com/2010/07/07/adding-a-secure-delete-option-to-nautilus-file-manager-in-linux/ I installed the Nautilus Actions Configuration utility and according to the previously listed page a new action configuration menu option should have shown up in the Nautilus preferences menu. It didn't. Any help would be appreciated. Thanks!

    Read the article

  • WebCenter Customer Spotlight: Marvel

    - by me
    Author: Peter Reiser - Social Business Evangelist, Oracle WebCenter  Solution SummaryMarvel Entertainment, LLC (Marvel) is one of the world's most prominent character-based entertainment companies, built on a proven library of over 8,000 characters featured in a variety of media over seventy years. The customer wanted to optimize their brand licensing process, so Marvel worked with Oracle WebCenter partner Fishbowl Solutions and implemented a centralized Content Hub based on Oracle WebCenter Content. The 100% web based secure Intranet/Partner Extranet solution is now managing the entire life cycle of the brand licensing process. Marvel and their brand licensees have  now complete visibility of brand license operations including the history of approval request and related content.  Company OverviewMarvel Entertainment, LLC (Marvel) a wholly-owned subsidiary of The Walt Disney Company, is one of the world's most prominent character-based entertainment companies, built on a proven library of over 8,000 characters featured in a variety of media over seventy years.  Marvel utilizes its character franchises in entertainment, licensing and publishing.   Sample  characters:    - Spider-Man    - Iron Man    - Captain America    - X-MEN    - Thor    - Avengers    - And a host of others  Business ChallengesMarvel wanted to optimize their brand licensing process for their characters and had following business requirements : Facilitating content worldwide Scalable and flexible infrastructure to manage multiple content types and huge file sizes Optimize the licensing process workflow trough automatic notifications, tracking reviews, issuing approvals, etc. Solution DeployedMarvel worked with Oracle WebCenter partner Fishbowl Solutions and implemented a centralized Content Hub based on Oracle WebCenter Content. The 100% web based secure Intranet/Partner Extranet solution is now managing the entire life cycle of the brand licensing process. The internal users can now manage all digital assets related to a character trough proper categorization of all items, workflow based review and approval of branding styles and a powerful search and retrieval service. The licensees of Marvel brands can now online develop and submit  concepts and prototypes which are reviewed and approved using a collaborative process. Business ResultMarvel and their brand licensees have now complete visibility of brand license operations including the history of approval request and related content. The character brand related content is now in the right place, at the right time at the user's fingertips with highly improved quality. Additional Information Marvel Open World Presentation Oracle WebCenter Content

    Read the article

  • The Perfect Desktop - Ubuntu Studio 10.04

    <b>Howtoforge:</b> "This tutorial shows how you can set up an Ubuntu Studio 10.04 desktop that is a full-fledged replacement for a Windows desktop, i.e. that has all the software that people need to do the things they do on their Windows desktops. The advantages are clear: you get a secure system without DRM restrictions that works even on old hardware, and the best thing is: all software comes free of charge."

    Read the article

  • Securing the Emerging Smart Grid

    As the government pours billions into utilities to create an intelligent network, standards bodies are working to secure the emerging grid so it doesn’t become a repeat of the PC industry.

    Read the article

  • Securing the Emerging Smart Grid

    As the government pours billions into utilities to create an intelligent network, standards bodies are working to secure the emerging grid so it doesn’t become a repeat of the PC industry.

    Read the article

  • Securing the Emerging Smart Grid

    As the government pours billions into utilities to create an intelligent network, standards bodies are working to secure the emerging grid so it doesn’t become a repeat of the PC industry.

    Read the article

  • The Dangers of Vertical Video; A Public Service Announcement [Video]

    - by Jason Fitzpatrick
    According to the puppets in this tongue-in-cheek PSA, you’d better start shooting your video in the right orientation or very bad things–potentially involving George Lucas–will come to pass. [via Mashable] HTG Explains: What Is Windows RT and What Does It Mean To Me? HTG Explains: How Windows 8′s Secure Boot Feature Works & What It Means for Linux Hack Your Kindle for Easy Font Customization

    Read the article

  • Google I/O Sandbox Case Study: WebFilings

    Google I/O Sandbox Case Study: WebFilings We interviewed WebFilings at the Google I/O Sandbox on May 10, 2011 and they explained to us the benefits of using App Engine to build their website. WebFilings provides a secure, cloud-based end-to-end financial reporting solution for SEC reporting companies. For more information on App Engine Developers, visit: code.google.com For more information on WebFilings, visit: www.webfilings.com From: GoogleDevelopers Views: 29 1 ratings Time: 02:31 More in Science & Technology

    Read the article

< Previous Page | 43 44 45 46 47 48 49 50 51 52 53 54  | Next Page >