My blog has moved and can now be found at

No action is needed on your part if you are already subscribed to this blog via e-mail or its syndication feed.

ABAC (3)Architecture (57)BAE (1)ICAM (2)LOA (1)Musings (97)NSTIC (1)PACS (1)PEP (1)PIV (1)PIV-I (1)SAML (1)Security (259)Service Orientation (115)XACML (1)

ABAC (3) 
6/19/2011Converging Logical and Physical Access Control via XACML
6/18/2011Update on Federal ICAM Profiles for Backend Attribute Exchange (BAE) v2
6/12/2011Canvas Theory of Identity LOA vs Canvas Theory of Access Control

Architecture (57) 
3/13/2011Identity Oracles - Trust is Ephemeral, Contracts are Eternal
3/3/2011Identity Oracles – A Business and Law Perspective
2/27/2011Identity Oracles and their role in the Identity Eco-System
12/12/2010Researching Federation Support in Sharepoint 2010
12/8/2010Want ABAC? Across Organizations? Start with Policy!
10/22/2010Federal ICAM Support for Identity Federation Flows
10/11/2010Federation Flows 3 - Authorization
10/4/2010Federation Flows 2 – Attribute Exposure
9/19/2010Federation Flows 1 - Authentication
9/12/2010IIW East Session on Role of Government as Identity Oracle (Attribute Provider)
8/12/2010Government's role as an Attribute Provider
8/4/2010Future of Identity Management is… Now!
3/13/2010NIST SP 800-73-3 and PIV-I
2/21/2010SPML Use Cases and Profiling Choices
2/13/2010Standards Based Provisioning and SPML
8/14/2009Cloud Computing Thoughts from Catalyst09
6/21/2009SAML v2 Testing and soapUI
6/6/2009SAML2 Profiles for PIV Subjects and Backend Attribute Exchange
9/13/2008Digital Identity World 2008 Recap
6/2/2007JHU/APL Colloquium (June 6, 2007): Building a Web-Scale Computing Architecture by Amazon
4/16/2007Hard Problems in Distributed Computing
12/3/2006Shortening the cycles around testing user experience models
10/28/2006Performance Engineering in a SOA
10/6/2006Patterns & Practices Guidance Explorer Beta 2
6/26/2005Build Processes and Shipping Software
6/12/2005Solution Task in NAnt - So Much Nicer!
10/8/2004Patterns and Practices Summit 2004 Report
7/8/2004Integration Patterns from the PAG
7/7/2004Architecture Webcasts for the week of July 6 2004
6/26/2004TechEd Architecture Sessions Online
6/14/2004PAG Smart Client Architecture Guide is now live
6/13/2004Architecture Webcasts week of June 14, 2004
6/7/2004Architecture Webcasts week of June 7, 2004
5/20/2004Patterns & Practices Site has a new look!
5/15/2004Architecture Webcasts for week of May 17, 2004
5/13/2004MSDN TV: Improving .NET Application Performance and Scalability
5/6/2004PAG Integration Patterns (Preview Release)
5/5/2004Improving .NET Application Performance and Scalability - PDF Download!
5/3/2004Architecture Webcasts for Week of May 3
5/1/2004Microsoft Architecture Center Update Newsletter - Issue 3
4/29/2004Improving .NET Application Performance and Scalability - Live!
4/26/2004Microsoft PAG == Tylenol for the Enterprise
4/26/2004Developer Guide to Migration and Interoperability in "Longhorn"
4/19/2004Architecture Webcasts for the week of April 19, 2004
4/19/2004Enterprise Solution Patterns 2.0: Implementing DTO in .NET with Serialized Objects - Missing?
4/16/2004Microsoft Architecture Center RSS Feed / GAPP
4/10/2004Architecture Webcasts for the week of April 12, 2004
4/9/2004PAG releases User Interface Process Application Block - Version 2.0
4/7/2004PAG Smart Client Architecture Guide (pre-alpha) - Seeking community input.
3/23/2004MSDN Architecture Webcast to present Test Driven Development
3/11/ (Maxim V. Karpov) - .NET Design Patterns and more..
3/3/2004PAG asking for Input into App Blocks & Community Involvement
3/2/2004Smart Client Offline Application Block from the MS PAG
2/22/2004Microsoft Architecture Update Newsletter
2/13/2004Live MSDN Architecture Webcasts
2/13/2004Smart Client Architecture Web Cast
1/24/2004.NET Application Blocks - Complete List

BAE (1) 
6/18/2011Update on Federal ICAM Profiles for Backend Attribute Exchange (BAE) v2

ICAM (2) 
6/18/2011Update on Federal ICAM Profiles for Backend Attribute Exchange (BAE) v2
6/12/2011Canvas Theory of Identity LOA vs Canvas Theory of Access Control

LOA (1) 
6/12/2011Canvas Theory of Identity LOA vs Canvas Theory of Access Control

Musings (97) 
9/10/2010My first un-conference session at IIW-EAST
8/29/2010Notes on making the switch from PC to Mac
8/1/2010Food Allergies, Travel and Rimrock
6/20/2009Beverly Hills Cops (and IT)
12/23/2008NORAD and Santa Tracking
9/7/2008Building a new Windows Vista compatible computer
4/30/2008Bloody Brilliant!
4/19/2008Metal on Target
4/6/2008Wanted - Computer Systems Engineer Identity Management
4/6/2008New Information Sharing Strategy for the DNI
12/8/2007Upgrading to HDTV
11/18/2007Dilbert on IdM and Strong Authentication
8/3/2007Vacation in the Canadian Rockies
4/30/2007A failure in generalship
4/20/2007SOA over Dinner
4/12/2007Google Maps - Get what you ask for!
3/17/2007Microsoft MVP Summit 2007 Recap
3/17/2007Daylight Savings Time and the Acura TL
2/25/2007Winter is still with us...
1/5/2007Attend M.I.T. for free!
12/31/2006Happy New Year
12/31/2006Got tagged.. again!
12/13/2006What goes around...
12/9/2006Jon Udell at Microsoft
11/19/2006Microsoft SLAM (Social, Location, Annotation, Mobile)
11/3/2006GEOINT, Thin Client Visualization and Web Services
10/28/2006Geopolitics and Military History
10/7/2006Turning off Trackbacks and Pingbacks
10/5/2006DasBlog + IE + Invisible inline images
10/1/2006Is this a SMARTER Goal?
10/1/2006Testing the Mail To Weblog in DasBlog 1.9.X
8/30/2006Zoom! Zoom!
8/25/2006Back from India...
7/26/2006Upcoming vacation in India
6/22/2006DasBlog Url Re-Writing Question
6/9/2006Infoworld CTO of the Year (2006) Awards
5/23/2006A villain you'd love to hate....
5/22/2006Open Source Portals Reviewed by Infoworld
5/13/2006MapPoint 2006 and MS S&T GPS do not work together!
4/4/2006Inside Man goes Bollywood
3/26/2006Hosted email solutions from Google and Microsoft
3/23/2006The justification for choosing a color....
3/20/2006Not sent from my Blackberry...
1/29/2006The Accident
12/31/2005Time: The Limiting Factor to Accomplishment
12/25/2005Tracking Santa via NORAD.....
12/18/2005SBS 2003 Backups not running: "Keyset does not exist" Error!
12/15/2005They are no longer called "Stove-Pipes"....
12/3/2005Fog Creek CoPilot
11/26/2005Free media server program for Tivo
10/15/2005Good writing and Sci-Fi ...
10/10/2005I could if I wanted to.....
8/27/2005Tivo Desktop & Running as a Non-Admin User on Windows XP
8/27/2005Windows Mobile 2003+ Smartphone - Without a camera?
8/14/2005DasBlog 1.8 upgrade successful!
7/21/2005BlogJet FTP + DasBlog + ISA Server 2004 -- Does it work?
7/18/2005Oyster Docking Station & Toshiba M200 Tablet?
7/1/2005I am no longer an ASP.NET MVP ......
6/26/2005Tools, Tools and more Tools!
6/12/2005Trackback SPAM!
5/10/2005Mid-Atlantic Code Camp
12/18/2004Acronics True Image or Norton Ghost?
12/18/2004Webpart troubles on the SBS2003 SharePoint "Companyweb" site
11/10/2004Our Man in the Mid-Atlantic ...
11/10/2004The side-effect of having an interesting job ....
10/27/2004Local MSDN Event Report
10/20/2004Marketing at Microsoft...
10/9/2004Dual Monitor setup without a second monitor!
9/16/2004Courtesy & Professionalism....
9/14/2004Rack-Mount.. Hmm...
9/6/2004In search of a free .NET CMS (.. that actually implements secure coding practices)
9/1/2004These are solely my opinions ....
8/27/2004Search on
6/16/2004Non-Profit Gift Project (Web Site / Web Site Redesign) Available ....
6/16/2004A New Beginning… The next phase
6/9/2004dotText to dasBlog Conversion?
5/12/2004Casey / Brains-n-Brawn / Political Correctness
4/14/2004Sandy has a blog!
4/9/2004MVP Summit / Seattle / People - In closing .....
4/1/2004MVP Global Summit bound....
3/14/2004Plans to stir men's blood ....
3/8/2004The Foundation of Belief ....
3/6/2004Getting things Done!
3/3/2004Donald Trump's Rules of Success and Microsoft
3/2/2004Srinath Vasireddy - Another PAG PM
3/2/2004Consumer Product Safety Commission - Recalls and Product Safety News RSS Feed!
3/2/2004Seth Godin: How to Give Feedback
2/26/2004Sandy Khaund - PM for the Microsoft PAG now has a REAL weblog!
2/26/2004Slashdot on Inshoring/Offshoring
2/25/2004About Me....
2/24/2004A New Beginning...
2/22/2004Overriding the 2 Minute Anger/Stupidity Rule....
2/13/2004The Unreasonable Man....
2/6/2004Unfairness of Life?
2/6/2004How to Manage Smart People...
2/3/2004Restrain the tongue....

NSTIC (1) 
6/12/2011Canvas Theory of Identity LOA vs Canvas Theory of Access Control

PACS (1) 
6/19/2011Converging Logical and Physical Access Control via XACML

PEP (1) 
6/19/2011Converging Logical and Physical Access Control via XACML

PIV (1) 
6/19/2011Converging Logical and Physical Access Control via XACML

PIV-I (1) 
6/19/2011Converging Logical and Physical Access Control via XACML

SAML (1) 
6/18/2011Update on Federal ICAM Profiles for Backend Attribute Exchange (BAE) v2

Security (259) 
3/13/2011Identity Oracles - Trust is Ephemeral, Contracts are Eternal
3/3/2011Identity Oracles – A Business and Law Perspective
2/27/2011Identity Oracles and their role in the Identity Eco-System
12/12/2010Researching Federation Support in Sharepoint 2010
12/8/2010Want ABAC? Across Organizations? Start with Policy!
10/22/2010Federal ICAM Support for Identity Federation Flows
10/11/2010Federation Flows 3 - Authorization
10/4/2010Federation Flows 2 – Attribute Exposure
9/19/2010Federation Flows 1 - Authentication
9/12/2010IIW East Session on Role of Government as Identity Oracle (Attribute Provider)
8/12/2010Government's role as an Attribute Provider
8/4/2010Future of Identity Management is… Now!
4/17/2010Conveying Attribute Assurance
3/13/2010NIST SP 800-73-3 and PIV-I
2/21/2010SPML Use Cases and Profiling Choices
2/13/2010Standards Based Provisioning and SPML
1/15/2010OpenSSL stateOrProvinceName and Microsoft Interop Issue
8/14/2009Cloud Computing Thoughts from Catalyst09
6/21/2009SAML v2 Testing and soapUI
6/6/2009SAML2 Profiles for PIV Subjects and Backend Attribute Exchange
12/14/2008Reality of XACML PEP-PDP Interoperability - Part II
9/28/2008Reality of XACML PEP-PDP Interoperability
9/21/2008Information Disclosure Threats and Web Services
9/13/2008Digital Identity World 2008 Recap
9/7/2008Attending Digital ID World 2008
4/24/2008The Zen of Identity Attributes
4/14/2008National response to hazards and Identity Management
4/4/2008IEEE Security & Privacy on Identity Management
3/31/2008Authentication, PKI and SAML
3/20/2008Threat Modeling
3/19/2008Shibboleth 2.0 is now available
3/9/2008Managing the release of Identity Attributes
3/3/2008Attending IDtrust 2008
1/28/2008SAML, WS-Federation and More
11/11/2007SAML 2.0 Assertion Syntax
11/2/2007Cisco and Securent
10/28/2007Children, Privacy and Children's Web Sites
10/28/2007Enterprise Security and Responsibility
8/14/2007State of the Art report on Software Security Assurance
7/16/2007Message Replay, XML Gateways and Replay Caches
2/25/2007Certificates and .NET Framework 2.0
12/28/2006Web Services Security Paper
11/21/2006ASP.NET Anti-Cross Site Scripting Library
8/31/2006Security Engineering - Free Book!
8/26/2006SBS2K3 + L2TP VPN Troubles...
4/22/2006SAML in a technical nutshell
3/27/2006PayPal Mobile - Identity and Authentication
12/18/2005Security & Performance considerations for developing .NET Applications
11/19/2005Standards for Identity Federation - SAML / WS-Federation
10/12/2005Security Engineering Approaches.. (Cont'd)
10/8/2005Security Engineering / Secure Development Lifecycle
9/7/2005FormsAuthentication.SignOut and Cookie Replay Attacks in ASP.NET
8/26/2005Application Security from the PAG: Quick Indexes to Relevant Information
8/20/2005.NET Security Resources from the PAG
7/17/2005Tivo behind an ISA Server 2004
7/10/2005Microsoft Baseline Security Analyzer v2.0
6/28/2005Protecting against Input Attack Vectors in ASP.NET
6/9/2005PAG Security Wiki & Ward Cunningham
6/7/2005patterns & practices Security Wiki is now live on Channel9!
5/26/2005IEEE Security & Privacy: Building Security In
5/18/2005PAG Threat Modeling Guide is now live!
5/12/2005IEEE Computer Society Meeting (5/19/2005 ) - Application of Operations Research techniques in Infosec
12/11/2004Upcoming Secure Coding Book by authors of Writing Security!
12/11/2004IEEE Security & Privacy: Building Security In
12/8/2004Presentation on Instrumenting .NET Code & Defense-in-Depth
11/25/2004Microsoft Security Resource Guide - November 2004
11/20/2004Browsing the Web and Reading E-mail Safely as an Administrator
11/15/2004Reliability and Security in a Home Network Environment...
10/31/2004Security focused Issues - TechNet Magazine & MSDN Magazine
10/26/2004Integrated Windows Authentication on the Internet
10/25/2004Using Secret Questions & Blocking Brute Force Attacks
10/14/2004Password Memorability and Security
10/9/2004Authentication/Authorization and Defense in Depth
10/8/2004ASP.NET Vulnerability Mitigation
9/24/2004Enforcing Password Complexity
9/24/2004Hidden field tampering / Viewstate
9/20/2004BizTalk Question RE: WSE adapter and X.509 Certificates
9/16/2004SHA-256 support in HashPasswordForStoringInConfigFile
9/14/2004Application Logging
9/10/2004Foundstone releases Application/Tool to teach secure coding practices
9/6/2004Making USB Devices Read-Only
9/2/2004Security Implications of hash function collision attacks RE: CRYPTO 2004
9/2/2004Microsoft Baseline Security Analyzer V1.2.1 ready for Windows XP SP2
9/2/2004Windows XP Security Guide v2.0
9/1/2004OWASP - Local Chapters and More...
9/1/2004 IIS Authentication Diagnostic tool now available
9/1/2004Microsoft .NET Framework 1.1 Service Pack 1
8/25/2004Resources for secure coding efforts
7/9/2004Custom cryptographic utilities (CryptoAPI, CAPICOM, Java)
7/3/2004SecurityDocs - Directory of Security WhitePapers
6/30/2004Updated Threat Modeling Tool at MSDN
6/24/2004WSE 2.0 Documentation
6/20/2004XPath Injection Attacks
6/20/2004Code Access Security (CAS) – "Guilty until proven Innocent" (Partially Trusted Code)
6/20/2004Run as Non-Admin..
6/14/2004Security Webcasts week of June 14, 2004
6/14/2004XP Service Pack 2 - Security Related Items..
5/28/2004Threat Modeling Resources
5/27/2004Securing Wireless LANs with PEAP and Passwords
5/27/2004IEEE Security & Privacy: Building Security In
5/27/2004Principle of least privilege
5/25/2004Threat Modeling Tool
5/22/2004The Antivirus Defense-in-Depth Guide
5/21/2004System.Security.Cryptography functionality for the .NET Compact Framework
5/21/2004SQL Injection Protection
5/20/2004Security Guidance Kit v1.0
5/19/2004Microsoft Identity and Access Management Series
5/15/2004MSDN Webcast: Writing Security - Threat Defense - Level 200
5/12/2004MSDN Webcast: Writing Security – Best Practices
5/7/2004Design Patterns and Code Access Security (CAS)
5/7/2004Common Security Vulnerabilities in e-commerce Systems
5/7/2004Exchange Server 2003 Security Hardening Guide
5/5/2004MSDN Security Slide decks
5/5/2004Columbia, MD ASP.NET User Group (CMAP) - Thanks!
5/3/2004Cross-Site Scripting Attacks / Character Encoding
4/28/2004ASP.NET Websites running under Partial Trust and third party controls
4/27/2004Columbia, MD User Group Presentation on "Securing Your ASP.NET Application"
4/25/2004Vulnerabilities / Patching Announcements and Discussions
4/25/2004Security in Longhorn: Focus on Least Privilege
4/22/2004TechNet Security Bulletin RSS Feed
4/19/2004Microsoft Security Newsletter - Volume 1, Issue 5 is now Available.
4/19/2004Free Book: Exchange Server 2003 Message Security Guide
4/15/2004Generating a Key from a Password
4/15/2004Security Article and Webcast (4/15)
4/14/2004On-Demand and Upcoming Security Webcasts
4/10/2004Strong Name Signing Using Smart Cards in Enterprise Software Production Environment
4/10/2004Free Security E-Learning Clinics
4/10/2004Michael Howard via Channel9 on Security
4/3/2004Security related chats and webcasts for April 2004
4/3/2004Secure Remote Access: Configuring OpenSSH (Win32) for Public Key Authentication
4/3/2004Client, Service, and Program Incompatibilities That May Occur When You Modify Security Settings and User Rights Assignments
4/2/2004Processes to Produce Secure Software
3/29/2004FxCop 1.30 released
3/29/2004Boot and Nuke
3/27/2004Secure Remote Access - II
3/26/2004Secure Remote Access
3/24/2004CIS Benchmark and Scoring Tool for Windows XP
3/24/2004Implications of Fully Trusted Code
3/24/2004Best Practice Guide for Securing Active Directory Installations
3/24/2004Code Access Security Policy Best Practices and More...
3/17/2004Port Reporter - A logging service for Windows that logs TCP/IP port usage data
3/17/2004Shared Web Hosting Deployment Guide
3/17/2004Wireless Security Resources
3/15/2004Crypto-Gram via RSS
3/14/2004ASP.Net Security Series (Part 1 of 3)
3/14/2004Terminal Server security
3/14/2004Making Sense of our Security Content (by Geoff Snowman [MS] )
3/11/2004.NET Code Access Security Tips
3/11/2004Application Security Best Practices at Microsoft
3/11/2004IIS 6 Security on SecurityFocus
3/11/2004Interesting Items from the latest Microsoft Security Newsletter
3/10/2004Secure Software: Oxymoron? - A response.. - Part II
3/9/2004Which Cryptographic Operations are Available?
3/9/2004.NET Crypto FAQ and Libraries...
3/8/2004Upcoming Security and Architecture Webcasts
3/8/2004Connection Strings, DPAPI and Web Farms
3/7/2004Life-cycle developments fail security
3/7/2004I am a Lowly User of my Machine
3/7/2004Secure Software: Oxymoron? - A response..
3/6/2004Another Application Security List
3/5/2004Analysis of E-Business Applications by @Stake
3/5/2004DevDays Comments - Session & Cookie Hijacking examples
3/5/2004DevDays 2004 - Washington D.C.
3/3/2004DevDays 2004, Washington D.C. Reminder
3/3/2004Upcoming Microsoft Security Events
3/2/2004ASP.NET Security Seminar Presentation Slides
3/2/2004Office2003/XP Remove Hidden Data tool Available
3/2/2004ASP.NET and XSS
3/2/2004Microsoft Security Guidance Kit CD v1.0 Free
2/29/2004ASP.NET 1.1 provides auto-protection from scripting attacks
2/29/2004Security Analysis of Microsoft .NET Framework and J2EE (IBM WebSphere) on Unix and Linux
2/29/2004Java vs. .NET Security
2/29/2004Windows 2003 Feature Pack Downloads
2/28/2004MSDN TV: Basic Principles of Code Access Security
2/28/2004Breaking Passwords - All too easy if we are lazy!
2/27/2004New NMap Version Released
2/26/2004Exchange Server 2003 Security Hardening Guide
2/26/2004Terminal Server security
2/26/2004TechTV Today: How to Break Code
2/26/2004Single Sign-on Enterprise Security for Web Applications - Perhaps!
2/26/2004Foundstone's Free Tools for Assessment, Forensics, Intrusion Detection, Scanning and Stress Testing
2/25/2004Writing Security - PPT's and Demo Code
2/24/2004Windows XP SP2 Developer Resources on the Security Developer Center
2/22/2004Application Security vs. Software Security
2/22/2004The SC-L Mailing List
2/22/2004Windows Update CD Now Available
2/22/2004How to store secrets on a machine
2/13/2004Updated Errata for Writing Security 2nd Edition
2/13/2004Basic Principles of Code Access Security
2/13/2004Best Practice Guide for Securing Active Directory Installations and Day-to-Day Operations: Part I, Version 2
2/13/2004Microsoft holds Developer Security Webcast Week February 16 - 20, 2004
2/13/2004MSDN Architecture Webcast: Patterns & Practices Live: Authorization Block
2/3/2004FAQ on Web Applications Security from OWASP
2/3/2004OWASP Top Ten 2004 Update Released
2/3/2004More Forms and Windows Security in ASP.NET
2/3/2004More Bang For the Bug: An Account of 2003’s Attack Trends
2/2/2004Mixing Forms and Windows Security in ASP.NET
2/2/2004IIS 5.0 Security Guidelines
2/2/2004Using Threat Analysis to Design More Secure Systems
2/2/2004Java vs. .NET security - Part 3
2/2/2004New Windows Server 2003 and Windows XP Security Guides
2/2/2004Securely Run the ASP.NET Worker Process as the System Account - NOT!
1/29/2004DevDays 2004 - March
1/24/2004Network Monitoring Tools
1/24/2004Java vs. .NET security - Part 2
1/24/2004An Introduction To SQL Injection Attacks For Oracle Developers
1/21/2004Authorization and Profile Application Block
12/16/2003Too Stupid to Ignore.....
12/5/2003Windows Mobile 2003 and Security
12/5/2003.NET Rocks! - Pat Hynds on Security
12/4/2003Limiting Callers to a .NET Assembly
12/3/2003Two new Security newsletters from Microsoft coming soon.
12/3/2003Webcast: Ten Ways to Hack-Proof Your Identity
12/2/2003Security comparison between Java and .NET
12/2/2003Programming Security and Inventory Visibility in Order Systems Book
12/2/2003 New mailing list for secure application development, SC-L
12/2/2003Web services security check - Infoworld
11/26/2003Security Info from the latest TechNet Flash
11/25/2003Free XML security tool
11/25/2003Adding Cross-Site Scripting Protection to ASP.NET 1.0
11/23/2003Security Related C# Code Samples
11/23/2003Public Certificates
11/22/2003Secure Coding: Using Restricted Tokens to execute a Process
11/22/2003CA offers free antivirus, firewall software
11/22/2003Microsoft investigates possible Exchange 2003 flaw
11/22/2003Security Stuff from the latest MSDN Flash
11/21/2003Firewall Forensics: How to Read your Logs
11/21/2003Crypto Capabilities in the .NET Framework & "Storing" Passwords
11/21/2003Windows XP: Surviving the First Day
11/21/2003Step-by-Step Guide for Setting Up Secure Wireless Access in a Test Lab
11/21/2003MSDN TV: Process and Thread Identity in ASP.NET
11/19/2003SOAP Web Services Attack White Paper
11/19/2003NIST Releases new Wireless Network Security Guide
11/19/2003Next-Generation Secure Computing Base: Development Considerations for Nexus Computing Agents
11/19/2003Microsoft's Security Best Practices Site
11/19/2003Foundstone Free Security Tools
11/18/2003CAPIMON (CAPIMON.exe)
11/18/2003Security At Microsoft
11/18/2003Security Webcast Week at Microsoft
11/16/2003ASP.NET Security and ASP.NET Administration
11/16/2003How To: Secure Your Developer Workstation
11/16/2003TechNet Security Information for IT Pro's, Windows 2003 and more..
11/16/2003Upcoming Security related books from Microsoft Press
11/15/2003Home Computer Security Site
11/15/2003Interesting items from the latest CRYPTO-GRAM
11/15/2003Owner Override: a proposal to fix Trusted Computing
11/15/2003ICSA Labs offers IPSec troubleshooting guide
11/15/2003Security hole in Motorola MPx200 discovered
11/14/2003OWASP Security Columns
11/14/2003MSDN Magazine (Nov 2003) - Dedicated to Security
11/13/2003The Anatomy of Cross Site Scripting
11/12/2003New NIST security publications
11/12/2003Adventures in Visual Basic .NET: Authentication and Authorization
11/12/2003[ASP.NET 2.0 - Beta] Securing ASP.NET Applications - With Less Code
11/12/2003A Handful of Vulnerabilities (Common security errors in coding)
11/12/2003ASP.NET 1.1 Request Validation flaw
11/12/2003Safely displaying untrusted HTML
11/12/2003Microsoft PDC 2003: Slides from the Security Symposium
11/12/2003The Developer Implications of Windows XP SP2

Service Orientation (115) 
4/17/2010Conveying Attribute Assurance
2/21/2010SPML Use Cases and Profiling Choices
2/13/2010Standards Based Provisioning and SPML
8/14/2009Cloud Computing Thoughts from Catalyst09
9/21/2008Information Disclosure Threats and Web Services
9/7/2008The Many Principles of SOA
3/9/2008Abstraction, Remote Controls and Service Orientation
2/28/2008ESB in a SOA Infrastructure
11/29/2007It is official...
11/26/2007Data and more...
11/22/2007Two Viewpoints on SOAP and REST
11/21/2007XML Security Gateways as Policy Enforcement Points
11/4/2007XML Schema Patterns for Databinding: Interoperability Report
10/30/2007RELAX NG Resources
9/17/2007Modular schemas, include, and tooling support
9/3/2007Demystifying SCA
7/2/2007REST at Catalyst
6/29/2007Catalyst - Thursday
6/27/2007Catalyst - Anne Thomas Manes Keynote - State of Disunion
6/27/2007Burton Group Catalyst 2007
6/7/2007Give it a REST!
4/20/2007SOA over Dinner
4/11/2007Teaching SOA
4/7/2007Java Tutorial for Web Service Interoperability Technologies
4/5/2007Service versioning best practice?
4/1/2007Concurrent Computing, SOA and Performance Engineering
4/1/2007WS-I is not a standards organization
3/23/2007Design Patterns and SOA Runtime Infrastructure
3/7/2007SOA and Governance article in InfoWorld
2/25/2007Uniform Interface in the SOAP World?
2/22/2007Reactivity and Cisco - Another consolidation in the SOA infrastructure space
2/18/2007Quality of Service and Web Services
2/16/2007Comparison of Web Services Stacks
2/13/2007Web Services and Performance - II
2/12/2007SOA Practitioners' Guide
2/11/2007Keys to Successful Governance with SOA
2/11/2007Web Services and Performance
1/28/2007SOA Magazine February 2007 Issue
1/28/2007Relationship between Enterprise Architecture and SOA
1/7/2007Unified View of Enterprise Management
1/4/2007REST 101 for SOA People
1/4/2007SOA Magazine January 2007 Issue
1/3/2007OASIS SOA-RA - A Starting Point for Governance
12/28/2006Threats to Message Exchanges in a SOA
12/23/2006Ten companies where SOA made a difference in 2006
12/13/2006OASIS SOA Reference Architecture
12/7/2006Emerging Standards for SOA at the OMG
11/24/2006XML Schema Patterns for Databinding
11/17/2006The S stands for Simple by Pete Lacey
11/15/2006Apache Axis2 1.1 Released
10/31/2006soapUI WS-I Test Tool
10/29/2006Binary XML, Web Services and Standards
10/28/2006SOA Workshop by Thomas Erl
10/28/2006SOA Presentation follow-up
10/22/2006Upcoming presentation on SOA, Interoperability and Web Services to MICSUG
10/18/2006HOWTO: Configure Apache Tomcat/Axis for web service development on Windows XP SP2
10/9/2006Governance and Loose Coupling
9/6/2006Presentation to CMAP on "SOA, Interoperability & Web Services"
9/2/2006Response to "SOA with J2EE and .NET: Possible, but not easy"
9/1/2006WSDM and WS-Management Reconciliation Roadmap
9/1/2006The SOA Magazine
7/13/2006Backing into Governance
6/24/2006Ah, Governance ....
6/21/2006How to prepare for Service Orientation - Part II
6/21/2006How to prepare for Service Orientation
6/18/2006IBM + WSDM + Open Source == What is the point?
6/18/2006Catalyst 2006 Wrap-Up
5/28/2006WSO2 Tungsten 1.0
5/24/2006SOA for E-Government Conference
5/12/2006XML Schema Patterns for Common Data Structures Version 1.0 (Working Draft)
4/20/2006WS-I Profiles - The Future...
3/27/2006The draft Reliable Asynchronous Messaging Profile (RAMP) and WS-I
2/6/2006Install and configure Apache Tomcat/Axis for web service development on Windows XP SP2
2/1/2006Web Services, SSL and Self-Signed Certificates
1/31/2006SOAP tracing tools with support for HTTP proxy?
1/20/2006Using a HTTP Proxy that requires authentication via a web service consumer
12/13/2005Scenario & Patterns based Web Services Security Guide
12/11/2005Guest lecture on SOA, Web Services and Interoperability
12/11/2005XML Schema to Object Mappings - Issues and work arounds...
12/10/2005Interoperability (J2EE and .NET) Articles from IBM
12/10/2005Caveats using DateTime when building Interoperable Web Services
12/4/2005Web Service SLAs - Looking for resources..
11/11/2005W3C Workshop on XML Schema 1.0 User Experiences - InterOp in the real world
10/17/2005Service Oriented Architecture (SOA), Web Services and Interoperability @ IEEE Computer Society Meeting
10/13/2005Web Services (WS-*) Industry Adoption
10/9/2005XSDObjectGen 1.4.2 Released
10/9/2005Schema-First/Contract-First/Top-Down Style of Development & Tools
8/18/2005Principles of Service Design Articles
7/20/2005SOAPBuilders Discussion Summary on Web Services Interoperability Issues (March 2005)
7/10/2005XSDObjectGen - New Release
6/20/2005SOAP Debugging Tools
6/17/2005Microsoft UDDI Services. When can we expect v 3.0 Support?
6/4/2005WSCF 0.5 for Contract-First Web Services Design & Development is out!
6/3/2005Interoperability Webcasts
5/24/2005WS-I BSP v1.0 Sample Application from the PAG
5/15/2005XML Schema Design Styles
5/15/2005Guidelines for XML Schema Design to Improve Web Services Interoperability
5/11/2005Location Property of WebServiceBindingAttribute / Contract-First
12/8/2004Web services Contract-First Design & Development
11/22/2004Interop, Interop, Interop.....
11/22/2004Messaging Patterns in Service Oriented Architecture, Part 2
10/27/2004Steps to a successful BizTalk Installation
9/10/2004EDRA/Shadowfax Architecture Seminar: Washington, DC, Wednesday, September 15th
9/2/2004Data on the Outside vs. Data on the Inside - An Examination of the Impact of SOA on Data
9/1/2004WS-Security Drilldown in Web Services Enhancements 2.0
7/11/2004Architecture Webcasts for week of July 12
6/27/2004Web Services Interoperability & Tools
6/20/2004WSE 2.0 Webcast / MSDN TV / WSE 2.0 Tracing Utility
6/15/2004ShadowFax - Trade-Offs
6/5/2004Service-Oriented Architecture: Implementation Challenges
5/27/2004WSE 2.0 Related Articles
5/12/2004MSDN Architecture Webcast: Integration Patterns
4/27/2004Upcoming Architecture Webcast on Shadowfax
4/14/2004Spring Issue of the Microsoft Architects Journal
2/13/2004TechEd Architecture Track

XACML (1) 
6/19/2011Converging Logical and Physical Access Control via XACML