My blog has moved and can now be found at

No action is needed on your part if you are already subscribed to this blog via e-mail or its syndication feed.

ABAC (3)Architecture (57)BAE (1)ICAM (2)LOA (1)Musings (97)NSTIC (1)PACS (1)PEP (1)PIV (1)PIV-I (1)SAML (1)Security (259)Service Orientation (115)XACML (1)

ABAC (3) 
06/19/2011Converging Logical and Physical Access Control via XACML
06/18/2011Update on Federal ICAM Profiles for Backend Attribute Exchange (BAE) v2
06/12/2011Canvas Theory of Identity LOA vs Canvas Theory of Access Control

Architecture (57) 
03/13/2011Identity Oracles - Trust is Ephemeral, Contracts are Eternal
03/03/2011Identity Oracles – A Business and Law Perspective
02/27/2011Identity Oracles and their role in the Identity Eco-System
12/12/2010Researching Federation Support in Sharepoint 2010
12/08/2010Want ABAC? Across Organizations? Start with Policy!
10/22/2010Federal ICAM Support for Identity Federation Flows
10/11/2010Federation Flows 3 - Authorization
10/04/2010Federation Flows 2 – Attribute Exposure
09/19/2010Federation Flows 1 - Authentication
09/12/2010IIW East Session on Role of Government as Identity Oracle (Attribute Provider)
08/12/2010Government's role as an Attribute Provider
08/04/2010Future of Identity Management is… Now!
03/13/2010NIST SP 800-73-3 and PIV-I
02/21/2010SPML Use Cases and Profiling Choices
02/13/2010Standards Based Provisioning and SPML
08/14/2009Cloud Computing Thoughts from Catalyst09
06/21/2009SAML v2 Testing and soapUI
06/06/2009SAML2 Profiles for PIV Subjects and Backend Attribute Exchange
09/13/2008Digital Identity World 2008 Recap
06/02/2007JHU/APL Colloquium (June 6, 2007): Building a Web-Scale Computing Architecture by Amazon
04/16/2007Hard Problems in Distributed Computing
12/03/2006Shortening the cycles around testing user experience models
10/28/2006Performance Engineering in a SOA
10/06/2006Patterns & Practices Guidance Explorer Beta 2
06/26/2005Build Processes and Shipping Software
06/12/2005Solution Task in NAnt - So Much Nicer!
10/08/2004Patterns and Practices Summit 2004 Report
07/08/2004Integration Patterns from the PAG
07/07/2004Architecture Webcasts for the week of July 6 2004
06/26/2004TechEd Architecture Sessions Online
06/14/2004PAG Smart Client Architecture Guide is now live
06/13/2004Architecture Webcasts week of June 14, 2004
06/07/2004Architecture Webcasts week of June 7, 2004
05/20/2004Patterns & Practices Site has a new look!
05/15/2004Architecture Webcasts for week of May 17, 2004
05/13/2004MSDN TV: Improving .NET Application Performance and Scalability
05/06/2004PAG Integration Patterns (Preview Release)
05/05/2004Improving .NET Application Performance and Scalability - PDF Download!
05/03/2004Architecture Webcasts for Week of May 3
05/01/2004Microsoft Architecture Center Update Newsletter - Issue 3
04/29/2004Improving .NET Application Performance and Scalability - Live!
04/26/2004Microsoft PAG == Tylenol for the Enterprise
04/26/2004Developer Guide to Migration and Interoperability in "Longhorn"
04/19/2004Architecture Webcasts for the week of April 19, 2004
04/19/2004Enterprise Solution Patterns 2.0: Implementing DTO in .NET with Serialized Objects - Missing?
04/16/2004Microsoft Architecture Center RSS Feed / GAPP
04/10/2004Architecture Webcasts for the week of April 12, 2004
04/09/2004PAG releases User Interface Process Application Block - Version 2.0
04/07/2004PAG Smart Client Architecture Guide (pre-alpha) - Seeking community input.
03/23/2004MSDN Architecture Webcast to present Test Driven Development
03/11/ (Maxim V. Karpov) - .NET Design Patterns and more..
03/03/2004PAG asking for Input into App Blocks & Community Involvement
03/02/2004Smart Client Offline Application Block from the MS PAG
02/22/2004Microsoft Architecture Update Newsletter
02/13/2004Live MSDN Architecture Webcasts
02/13/2004Smart Client Architecture Web Cast
01/24/2004.NET Application Blocks - Complete List

BAE (1) 
06/18/2011Update on Federal ICAM Profiles for Backend Attribute Exchange (BAE) v2

ICAM (2) 
06/18/2011Update on Federal ICAM Profiles for Backend Attribute Exchange (BAE) v2
06/12/2011Canvas Theory of Identity LOA vs Canvas Theory of Access Control

LOA (1) 
06/12/2011Canvas Theory of Identity LOA vs Canvas Theory of Access Control

Musings (97) 
09/10/2010My first un-conference session at IIW-EAST
08/29/2010Notes on making the switch from PC to Mac
08/01/2010Food Allergies, Travel and Rimrock
06/20/2009Beverly Hills Cops (and IT)
12/23/2008NORAD and Santa Tracking
09/07/2008Building a new Windows Vista compatible computer
04/30/2008Bloody Brilliant!
04/19/2008Metal on Target
04/06/2008Wanted - Computer Systems Engineer Identity Management
04/06/2008New Information Sharing Strategy for the DNI
12/08/2007Upgrading to HDTV
11/18/2007Dilbert on IdM and Strong Authentication
08/03/2007Vacation in the Canadian Rockies
04/30/2007A failure in generalship
04/20/2007SOA over Dinner
04/12/2007Google Maps - Get what you ask for!
03/17/2007Microsoft MVP Summit 2007 Recap
03/17/2007Daylight Savings Time and the Acura TL
02/25/2007Winter is still with us...
01/05/2007Attend M.I.T. for free!
12/31/2006Happy New Year
12/31/2006Got tagged.. again!
12/13/2006What goes around...
12/09/2006Jon Udell at Microsoft
11/19/2006Microsoft SLAM (Social, Location, Annotation, Mobile)
11/03/2006GEOINT, Thin Client Visualization and Web Services
10/28/2006Geopolitics and Military History
10/07/2006Turning off Trackbacks and Pingbacks
10/05/2006DasBlog + IE + Invisible inline images
10/01/2006Is this a SMARTER Goal?
10/01/2006Testing the Mail To Weblog in DasBlog 1.9.X
08/30/2006Zoom! Zoom!
08/25/2006Back from India...
07/26/2006Upcoming vacation in India
06/22/2006DasBlog Url Re-Writing Question
06/09/2006Infoworld CTO of the Year (2006) Awards
05/23/2006A villain you'd love to hate....
05/22/2006Open Source Portals Reviewed by Infoworld
05/13/2006MapPoint 2006 and MS S&T GPS do not work together!
04/04/2006Inside Man goes Bollywood
03/26/2006Hosted email solutions from Google and Microsoft
03/23/2006The justification for choosing a color....
03/20/2006Not sent from my Blackberry...
01/29/2006The Accident
12/31/2005Time: The Limiting Factor to Accomplishment
12/25/2005Tracking Santa via NORAD.....
12/18/2005SBS 2003 Backups not running: "Keyset does not exist" Error!
12/15/2005They are no longer called "Stove-Pipes"....
12/03/2005Fog Creek CoPilot
11/26/2005Free media server program for Tivo
10/15/2005Good writing and Sci-Fi ...
10/10/2005I could if I wanted to.....
08/27/2005Tivo Desktop & Running as a Non-Admin User on Windows XP
08/27/2005Windows Mobile 2003+ Smartphone - Without a camera?
08/14/2005DasBlog 1.8 upgrade successful!
07/21/2005BlogJet FTP + DasBlog + ISA Server 2004 -- Does it work?
07/18/2005Oyster Docking Station & Toshiba M200 Tablet?
07/01/2005I am no longer an ASP.NET MVP ......
06/26/2005Tools, Tools and more Tools!
06/12/2005Trackback SPAM!
05/10/2005Mid-Atlantic Code Camp
12/18/2004Acronics True Image or Norton Ghost?
12/18/2004Webpart troubles on the SBS2003 SharePoint "Companyweb" site
11/10/2004Our Man in the Mid-Atlantic ...
11/10/2004The side-effect of having an interesting job ....
10/27/2004Local MSDN Event Report
10/20/2004Marketing at Microsoft...
10/09/2004Dual Monitor setup without a second monitor!
09/16/2004Courtesy & Professionalism....
09/14/2004Rack-Mount.. Hmm...
09/06/2004In search of a free .NET CMS (.. that actually implements secure coding practices)
09/01/2004These are solely my opinions ....
08/27/2004Search on
06/16/2004Non-Profit Gift Project (Web Site / Web Site Redesign) Available ....
06/16/2004A New Beginning… The next phase
06/09/2004dotText to dasBlog Conversion?
05/12/2004Casey / Brains-n-Brawn / Political Correctness
04/14/2004Sandy has a blog!
04/09/2004MVP Summit / Seattle / People - In closing .....
04/01/2004MVP Global Summit bound....
03/14/2004Plans to stir men's blood ....
03/08/2004The Foundation of Belief ....
03/06/2004Getting things Done!
03/03/2004Donald Trump's Rules of Success and Microsoft
03/02/2004Srinath Vasireddy - Another PAG PM
03/02/2004Consumer Product Safety Commission - Recalls and Product Safety News RSS Feed!
03/02/2004Seth Godin: How to Give Feedback
02/26/2004Sandy Khaund - PM for the Microsoft PAG now has a REAL weblog!
02/26/2004Slashdot on Inshoring/Offshoring
02/25/2004About Me....
02/24/2004A New Beginning...
02/22/2004Overriding the 2 Minute Anger/Stupidity Rule....
02/13/2004The Unreasonable Man....
02/06/2004Unfairness of Life?
02/06/2004How to Manage Smart People...
02/03/2004Restrain the tongue....

NSTIC (1) 
06/12/2011Canvas Theory of Identity LOA vs Canvas Theory of Access Control

PACS (1) 
06/19/2011Converging Logical and Physical Access Control via XACML

PEP (1) 
06/19/2011Converging Logical and Physical Access Control via XACML

PIV (1) 
06/19/2011Converging Logical and Physical Access Control via XACML

PIV-I (1) 
06/19/2011Converging Logical and Physical Access Control via XACML

SAML (1) 
06/18/2011Update on Federal ICAM Profiles for Backend Attribute Exchange (BAE) v2

Security (259) 
03/13/2011Identity Oracles - Trust is Ephemeral, Contracts are Eternal
03/03/2011Identity Oracles – A Business and Law Perspective
02/27/2011Identity Oracles and their role in the Identity Eco-System
12/12/2010Researching Federation Support in Sharepoint 2010
12/08/2010Want ABAC? Across Organizations? Start with Policy!
10/22/2010Federal ICAM Support for Identity Federation Flows
10/11/2010Federation Flows 3 - Authorization
10/04/2010Federation Flows 2 – Attribute Exposure
09/19/2010Federation Flows 1 - Authentication
09/12/2010IIW East Session on Role of Government as Identity Oracle (Attribute Provider)
08/12/2010Government's role as an Attribute Provider
08/04/2010Future of Identity Management is… Now!
04/17/2010Conveying Attribute Assurance
03/13/2010NIST SP 800-73-3 and PIV-I
02/21/2010SPML Use Cases and Profiling Choices
02/13/2010Standards Based Provisioning and SPML
01/15/2010OpenSSL stateOrProvinceName and Microsoft Interop Issue
08/14/2009Cloud Computing Thoughts from Catalyst09
06/21/2009SAML v2 Testing and soapUI
06/06/2009SAML2 Profiles for PIV Subjects and Backend Attribute Exchange
12/14/2008Reality of XACML PEP-PDP Interoperability - Part II
09/28/2008Reality of XACML PEP-PDP Interoperability
09/21/2008Information Disclosure Threats and Web Services
09/13/2008Digital Identity World 2008 Recap
09/07/2008Attending Digital ID World 2008
04/24/2008The Zen of Identity Attributes
04/14/2008National response to hazards and Identity Management
04/04/2008IEEE Security & Privacy on Identity Management
03/31/2008Authentication, PKI and SAML
03/20/2008Threat Modeling
03/19/2008Shibboleth 2.0 is now available
03/09/2008Managing the release of Identity Attributes
03/03/2008Attending IDtrust 2008
01/28/2008SAML, WS-Federation and More
11/11/2007SAML 2.0 Assertion Syntax
11/02/2007Cisco and Securent
10/28/2007Children, Privacy and Children's Web Sites
10/28/2007Enterprise Security and Responsibility
08/14/2007State of the Art report on Software Security Assurance
07/16/2007Message Replay, XML Gateways and Replay Caches
02/25/2007Certificates and .NET Framework 2.0
12/28/2006Web Services Security Paper
11/21/2006ASP.NET Anti-Cross Site Scripting Library
08/31/2006Security Engineering - Free Book!
08/26/2006SBS2K3 + L2TP VPN Troubles...
04/22/2006SAML in a technical nutshell
03/27/2006PayPal Mobile - Identity and Authentication
12/18/2005Security & Performance considerations for developing .NET Applications
11/19/2005Standards for Identity Federation - SAML / WS-Federation
10/12/2005Security Engineering Approaches.. (Cont'd)
10/08/2005Security Engineering / Secure Development Lifecycle
09/07/2005FormsAuthentication.SignOut and Cookie Replay Attacks in ASP.NET
08/26/2005Application Security from the PAG: Quick Indexes to Relevant Information
08/20/2005.NET Security Resources from the PAG
07/17/2005Tivo behind an ISA Server 2004
07/10/2005Microsoft Baseline Security Analyzer v2.0
06/28/2005Protecting against Input Attack Vectors in ASP.NET
06/09/2005PAG Security Wiki & Ward Cunningham
06/07/2005patterns & practices Security Wiki is now live on Channel9!
05/26/2005IEEE Security & Privacy: Building Security In
05/18/2005PAG Threat Modeling Guide is now live!
05/12/2005IEEE Computer Society Meeting (5/19/2005 ) - Application of Operations Research techniques in Infosec
12/11/2004Upcoming Secure Coding Book by authors of Writing Security!
12/11/2004IEEE Security & Privacy: Building Security In
12/08/2004Presentation on Instrumenting .NET Code & Defense-in-Depth
11/25/2004Microsoft Security Resource Guide - November 2004
11/20/2004Browsing the Web and Reading E-mail Safely as an Administrator
11/15/2004Reliability and Security in a Home Network Environment...
10/31/2004Security focused Issues - TechNet Magazine & MSDN Magazine
10/26/2004Integrated Windows Authentication on the Internet
10/25/2004Using Secret Questions & Blocking Brute Force Attacks
10/14/2004Password Memorability and Security
10/09/2004Authentication/Authorization and Defense in Depth
10/08/2004ASP.NET Vulnerability Mitigation
09/24/2004Enforcing Password Complexity
09/24/2004Hidden field tampering / Viewstate
09/20/2004BizTalk Question RE: WSE adapter and X.509 Certificates
09/16/2004SHA-256 support in HashPasswordForStoringInConfigFile
09/14/2004Application Logging
09/10/2004Foundstone releases Application/Tool to teach secure coding practices
09/06/2004Making USB Devices Read-Only
09/02/2004Security Implications of hash function collision attacks RE: CRYPTO 2004
09/02/2004Microsoft Baseline Security Analyzer V1.2.1 ready for Windows XP SP2
09/02/2004Windows XP Security Guide v2.0
09/01/2004OWASP - Local Chapters and More...
09/01/2004 IIS Authentication Diagnostic tool now available
09/01/2004Microsoft .NET Framework 1.1 Service Pack 1
08/25/2004Resources for secure coding efforts
07/09/2004Custom cryptographic utilities (CryptoAPI, CAPICOM, Java)
07/03/2004SecurityDocs - Directory of Security WhitePapers
06/30/2004Updated Threat Modeling Tool at MSDN
06/24/2004WSE 2.0 Documentation
06/20/2004XPath Injection Attacks
06/20/2004Code Access Security (CAS) – "Guilty until proven Innocent" (Partially Trusted Code)
06/20/2004Run as Non-Admin..
06/14/2004Security Webcasts week of June 14, 2004
06/14/2004XP Service Pack 2 - Security Related Items..
05/28/2004Threat Modeling Resources
05/27/2004Securing Wireless LANs with PEAP and Passwords
05/27/2004IEEE Security & Privacy: Building Security In
05/27/2004Principle of least privilege
05/25/2004Threat Modeling Tool
05/22/2004The Antivirus Defense-in-Depth Guide
05/21/2004System.Security.Cryptography functionality for the .NET Compact Framework
05/21/2004SQL Injection Protection
05/20/2004Security Guidance Kit v1.0
05/19/2004Microsoft Identity and Access Management Series
05/15/2004MSDN Webcast: Writing Security - Threat Defense - Level 200
05/12/2004MSDN Webcast: Writing Security – Best Practices
05/07/2004Design Patterns and Code Access Security (CAS)
05/07/2004Common Security Vulnerabilities in e-commerce Systems
05/07/2004Exchange Server 2003 Security Hardening Guide
05/05/2004MSDN Security Slide decks
05/05/2004Columbia, MD ASP.NET User Group (CMAP) - Thanks!
05/03/2004Cross-Site Scripting Attacks / Character Encoding
04/28/2004ASP.NET Websites running under Partial Trust and third party controls
04/27/2004Columbia, MD User Group Presentation on "Securing Your ASP.NET Application"
04/25/2004Vulnerabilities / Patching Announcements and Discussions
04/25/2004Security in Longhorn: Focus on Least Privilege
04/22/2004TechNet Security Bulletin RSS Feed
04/19/2004Microsoft Security Newsletter - Volume 1, Issue 5 is now Available.
04/19/2004Free Book: Exchange Server 2003 Message Security Guide
04/15/2004Generating a Key from a Password
04/15/2004Security Article and Webcast (4/15)
04/14/2004On-Demand and Upcoming Security Webcasts
04/10/2004Strong Name Signing Using Smart Cards in Enterprise Software Production Environment
04/10/2004Free Security E-Learning Clinics
04/10/2004Michael Howard via Channel9 on Security
04/03/2004Security related chats and webcasts for April 2004
04/03/2004Secure Remote Access: Configuring OpenSSH (Win32) for Public Key Authentication
04/03/2004Client, Service, and Program Incompatibilities That May Occur When You Modify Security Settings and User Rights Assignments
04/02/2004Processes to Produce Secure Software
03/29/2004FxCop 1.30 released
03/29/2004Boot and Nuke
03/27/2004Secure Remote Access - II
03/26/2004Secure Remote Access
03/24/2004CIS Benchmark and Scoring Tool for Windows XP
03/24/2004Implications of Fully Trusted Code
03/24/2004Best Practice Guide for Securing Active Directory Installations
03/24/2004Code Access Security Policy Best Practices and More...
03/17/2004Port Reporter - A logging service for Windows that logs TCP/IP port usage data
03/17/2004Shared Web Hosting Deployment Guide
03/17/2004Wireless Security Resources
03/15/2004Crypto-Gram via RSS
03/14/2004ASP.Net Security Series (Part 1 of 3)
03/14/2004Terminal Server security
03/14/2004Making Sense of our Security Content (by Geoff Snowman [MS] )
03/11/2004.NET Code Access Security Tips
03/11/2004Application Security Best Practices at Microsoft
03/11/2004IIS 6 Security on SecurityFocus
03/11/2004Interesting Items from the latest Microsoft Security Newsletter
03/10/2004Secure Software: Oxymoron? - A response.. - Part II
03/09/2004Which Cryptographic Operations are Available?
03/09/2004.NET Crypto FAQ and Libraries...
03/08/2004Upcoming Security and Architecture Webcasts
03/08/2004Connection Strings, DPAPI and Web Farms
03/07/2004Life-cycle developments fail security
03/07/2004I am a Lowly User of my Machine
03/07/2004Secure Software: Oxymoron? - A response..
03/06/2004Another Application Security List
03/05/2004Analysis of E-Business Applications by @Stake
03/05/2004DevDays Comments - Session & Cookie Hijacking examples
03/05/2004DevDays 2004 - Washington D.C.
03/03/2004DevDays 2004, Washington D.C. Reminder
03/03/2004Upcoming Microsoft Security Events
03/02/2004ASP.NET Security Seminar Presentation Slides
03/02/2004Office2003/XP Remove Hidden Data tool Available
03/02/2004ASP.NET and XSS
03/02/2004Microsoft Security Guidance Kit CD v1.0 Free
02/29/2004ASP.NET 1.1 provides auto-protection from scripting attacks
02/29/2004Security Analysis of Microsoft .NET Framework and J2EE (IBM WebSphere) on Unix and Linux
02/29/2004Java vs. .NET Security
02/29/2004Windows 2003 Feature Pack Downloads
02/28/2004MSDN TV: Basic Principles of Code Access Security
02/28/2004Breaking Passwords - All too easy if we are lazy!
02/27/2004New NMap Version Released
02/26/2004Exchange Server 2003 Security Hardening Guide
02/26/2004Terminal Server security
02/26/2004TechTV Today: How to Break Code
02/26/2004Single Sign-on Enterprise Security for Web Applications - Perhaps!
02/26/2004Foundstone's Free Tools for Assessment, Forensics, Intrusion Detection, Scanning and Stress Testing
02/25/2004Writing Security - PPT's and Demo Code
02/24/2004Windows XP SP2 Developer Resources on the Security Developer Center
02/22/2004Application Security vs. Software Security
02/22/2004The SC-L Mailing List
02/22/2004Windows Update CD Now Available
02/22/2004How to store secrets on a machine
02/13/2004Updated Errata for Writing Security 2nd Edition
02/13/2004Basic Principles of Code Access Security
02/13/2004Best Practice Guide for Securing Active Directory Installations and Day-to-Day Operations: Part I, Version 2
02/13/2004Microsoft holds Developer Security Webcast Week February 16 - 20, 2004
02/13/2004MSDN Architecture Webcast: Patterns & Practices Live: Authorization Block
02/03/2004FAQ on Web Applications Security from OWASP
02/03/2004OWASP Top Ten 2004 Update Released
02/03/2004More Forms and Windows Security in ASP.NET
02/03/2004More Bang For the Bug: An Account of 2003’s Attack Trends
02/02/2004Mixing Forms and Windows Security in ASP.NET
02/02/2004IIS 5.0 Security Guidelines
02/02/2004Using Threat Analysis to Design More Secure Systems
02/02/2004Java vs. .NET security - Part 3
02/02/2004New Windows Server 2003 and Windows XP Security Guides
02/02/2004Securely Run the ASP.NET Worker Process as the System Account - NOT!
01/29/2004DevDays 2004 - March
01/24/2004Network Monitoring Tools
01/24/2004Java vs. .NET security - Part 2
01/24/2004An Introduction To SQL Injection Attacks For Oracle Developers
01/21/2004Authorization and Profile Application Block
12/16/2003Too Stupid to Ignore.....
12/05/2003Windows Mobile 2003 and Security
12/05/2003.NET Rocks! - Pat Hynds on Security
12/04/2003Limiting Callers to a .NET Assembly
12/03/2003Two new Security newsletters from Microsoft coming soon.
12/03/2003Webcast: Ten Ways to Hack-Proof Your Identity
12/02/2003Security comparison between Java and .NET
12/02/2003Programming Security and Inventory Visibility in Order Systems Book
12/02/2003 New mailing list for secure application development, SC-L
12/02/2003Web services security check - Infoworld
11/26/2003Security Info from the latest TechNet Flash
11/25/2003Free XML security tool
11/25/2003Adding Cross-Site Scripting Protection to ASP.NET 1.0
11/23/2003Security Related C# Code Samples
11/23/2003Public Certificates
11/22/2003Secure Coding: Using Restricted Tokens to execute a Process
11/22/2003CA offers free antivirus, firewall software
11/22/2003Microsoft investigates possible Exchange 2003 flaw
11/22/2003Security Stuff from the latest MSDN Flash
11/21/2003Firewall Forensics: How to Read your Logs
11/21/2003Crypto Capabilities in the .NET Framework & "Storing" Passwords
11/21/2003Windows XP: Surviving the First Day
11/21/2003Step-by-Step Guide for Setting Up Secure Wireless Access in a Test Lab
11/21/2003MSDN TV: Process and Thread Identity in ASP.NET
11/19/2003SOAP Web Services Attack White Paper
11/19/2003NIST Releases new Wireless Network Security Guide
11/19/2003Next-Generation Secure Computing Base: Development Considerations for Nexus Computing Agents
11/19/2003Microsoft's Security Best Practices Site
11/19/2003Foundstone Free Security Tools
11/18/2003CAPIMON (CAPIMON.exe)
11/18/2003Security At Microsoft
11/18/2003Security Webcast Week at Microsoft
11/16/2003ASP.NET Security and ASP.NET Administration
11/16/2003How To: Secure Your Developer Workstation
11/16/2003TechNet Security Information for IT Pro's, Windows 2003 and more..
11/16/2003Upcoming Security related books from Microsoft Press
11/15/2003Home Computer Security Site
11/15/2003Interesting items from the latest CRYPTO-GRAM
11/15/2003Owner Override: a proposal to fix Trusted Computing
11/15/2003ICSA Labs offers IPSec troubleshooting guide
11/15/2003Security hole in Motorola MPx200 discovered
11/14/2003OWASP Security Columns
11/14/2003MSDN Magazine (Nov 2003) - Dedicated to Security
11/13/2003The Anatomy of Cross Site Scripting
11/12/2003New NIST security publications
11/12/2003Adventures in Visual Basic .NET: Authentication and Authorization
11/12/2003[ASP.NET 2.0 - Beta] Securing ASP.NET Applications - With Less Code
11/12/2003A Handful of Vulnerabilities (Common security errors in coding)
11/12/2003ASP.NET 1.1 Request Validation flaw
11/12/2003Safely displaying untrusted HTML
11/12/2003Microsoft PDC 2003: Slides from the Security Symposium
11/12/2003The Developer Implications of Windows XP SP2

Service Orientation (115) 
04/17/2010Conveying Attribute Assurance
02/21/2010SPML Use Cases and Profiling Choices
02/13/2010Standards Based Provisioning and SPML
08/14/2009Cloud Computing Thoughts from Catalyst09
09/21/2008Information Disclosure Threats and Web Services
09/07/2008The Many Principles of SOA
03/09/2008Abstraction, Remote Controls and Service Orientation
02/28/2008ESB in a SOA Infrastructure
11/29/2007It is official...
11/26/2007Data and more...
11/22/2007Two Viewpoints on SOAP and REST
11/21/2007XML Security Gateways as Policy Enforcement Points
11/04/2007XML Schema Patterns for Databinding: Interoperability Report
10/30/2007RELAX NG Resources
09/17/2007Modular schemas, include, and tooling support
09/03/2007Demystifying SCA
07/02/2007REST at Catalyst
06/29/2007Catalyst - Thursday
06/27/2007Catalyst - Anne Thomas Manes Keynote - State of Disunion
06/27/2007Burton Group Catalyst 2007
06/07/2007Give it a REST!
04/20/2007SOA over Dinner
04/11/2007Teaching SOA
04/07/2007Java Tutorial for Web Service Interoperability Technologies
04/05/2007Service versioning best practice?
04/01/2007Concurrent Computing, SOA and Performance Engineering
04/01/2007WS-I is not a standards organization
03/23/2007Design Patterns and SOA Runtime Infrastructure
03/07/2007SOA and Governance article in InfoWorld
02/25/2007Uniform Interface in the SOAP World?
02/22/2007Reactivity and Cisco - Another consolidation in the SOA infrastructure space
02/18/2007Quality of Service and Web Services
02/16/2007Comparison of Web Services Stacks
02/13/2007Web Services and Performance - II
02/12/2007SOA Practitioners' Guide
02/11/2007Keys to Successful Governance with SOA
02/11/2007Web Services and Performance
01/28/2007SOA Magazine February 2007 Issue
01/28/2007Relationship between Enterprise Architecture and SOA
01/07/2007Unified View of Enterprise Management
01/04/2007REST 101 for SOA People
01/04/2007SOA Magazine January 2007 Issue
01/03/2007OASIS SOA-RA - A Starting Point for Governance
12/28/2006Threats to Message Exchanges in a SOA
12/23/2006Ten companies where SOA made a difference in 2006
12/13/2006OASIS SOA Reference Architecture
12/07/2006Emerging Standards for SOA at the OMG
11/24/2006XML Schema Patterns for Databinding
11/17/2006The S stands for Simple by Pete Lacey
11/15/2006Apache Axis2 1.1 Released
10/31/2006soapUI WS-I Test Tool
10/29/2006Binary XML, Web Services and Standards
10/28/2006SOA Workshop by Thomas Erl
10/28/2006SOA Presentation follow-up
10/22/2006Upcoming presentation on SOA, Interoperability and Web Services to MICSUG
10/18/2006HOWTO: Configure Apache Tomcat/Axis for web service development on Windows XP SP2
10/09/2006Governance and Loose Coupling
09/06/2006Presentation to CMAP on "SOA, Interoperability & Web Services"
09/02/2006Response to "SOA with J2EE and .NET: Possible, but not easy"
09/01/2006WSDM and WS-Management Reconciliation Roadmap
09/01/2006The SOA Magazine
07/13/2006Backing into Governance
06/24/2006Ah, Governance ....
06/21/2006How to prepare for Service Orientation - Part II
06/21/2006How to prepare for Service Orientation
06/18/2006IBM + WSDM + Open Source == What is the point?
06/18/2006Catalyst 2006 Wrap-Up
05/28/2006WSO2 Tungsten 1.0
05/24/2006SOA for E-Government Conference
05/12/2006XML Schema Patterns for Common Data Structures Version 1.0 (Working Draft)
04/20/2006WS-I Profiles - The Future...
03/27/2006The draft Reliable Asynchronous Messaging Profile (RAMP) and WS-I
02/06/2006Install and configure Apache Tomcat/Axis for web service development on Windows XP SP2
02/01/2006Web Services, SSL and Self-Signed Certificates
01/31/2006SOAP tracing tools with support for HTTP proxy?
01/20/2006Using a HTTP Proxy that requires authentication via a web service consumer
12/13/2005Scenario & Patterns based Web Services Security Guide
12/11/2005Guest lecture on SOA, Web Services and Interoperability
12/11/2005XML Schema to Object Mappings - Issues and work arounds...
12/10/2005Interoperability (J2EE and .NET) Articles from IBM
12/10/2005Caveats using DateTime when building Interoperable Web Services
12/04/2005Web Service SLAs - Looking for resources..
11/11/2005W3C Workshop on XML Schema 1.0 User Experiences - InterOp in the real world
10/17/2005Service Oriented Architecture (SOA), Web Services and Interoperability @ IEEE Computer Society Meeting
10/13/2005Web Services (WS-*) Industry Adoption
10/09/2005XSDObjectGen 1.4.2 Released
10/09/2005Schema-First/Contract-First/Top-Down Style of Development & Tools
08/18/2005Principles of Service Design Articles
07/20/2005SOAPBuilders Discussion Summary on Web Services Interoperability Issues (March 2005)
07/10/2005XSDObjectGen - New Release
06/20/2005SOAP Debugging Tools
06/17/2005Microsoft UDDI Services. When can we expect v 3.0 Support?
06/04/2005WSCF 0.5 for Contract-First Web Services Design & Development is out!
06/03/2005Interoperability Webcasts
05/24/2005WS-I BSP v1.0 Sample Application from the PAG
05/15/2005XML Schema Design Styles
05/15/2005Guidelines for XML Schema Design to Improve Web Services Interoperability
05/11/2005Location Property of WebServiceBindingAttribute / Contract-First
12/08/2004Web services Contract-First Design & Development
11/22/2004Interop, Interop, Interop.....
11/22/2004Messaging Patterns in Service Oriented Architecture, Part 2
10/27/2004Steps to a successful BizTalk Installation
09/10/2004EDRA/Shadowfax Architecture Seminar: Washington, DC, Wednesday, September 15th
09/02/2004Data on the Outside vs. Data on the Inside - An Examination of the Impact of SOA on Data
09/01/2004WS-Security Drilldown in Web Services Enhancements 2.0
07/11/2004Architecture Webcasts for week of July 12
06/27/2004Web Services Interoperability & Tools
06/20/2004WSE 2.0 Webcast / MSDN TV / WSE 2.0 Tracing Utility
06/15/2004ShadowFax - Trade-Offs
06/05/2004Service-Oriented Architecture: Implementation Challenges
05/27/2004WSE 2.0 Related Articles
05/12/2004MSDN Architecture Webcast: Integration Patterns
04/27/2004Upcoming Architecture Webcast on Shadowfax
04/14/2004Spring Issue of the Microsoft Architects Journal
02/13/2004TechEd Architecture Track

XACML (1) 
06/19/2011Converging Logical and Physical Access Control via XACML