An SQL injection demo that should make you check twice when setting SQL security

Security is all about trade-offs you make with your always limited resources, often a problem when designing a system or an after-thought. Only a few h...

Topics include: Introduction to Modern Cryptography, Using Cryptography in Practice, Proofs of Security and Security Definitions and A Special Topic in...

There's lots of talk lately about CardSpaces and the underlying WS-* technologies (that aren't Microsoft-specific, which is a good thing) that make it all happen.

In this demo, we log in as bill27 using a Username and Password, the way folks usually log in. Then while logged in, we visit...

This talk will cover the background of sender domain authentication in general and DKIM in particular, details of how DKIM works, and other issues that...

Introduction to Modern Cryptography, Using Cryptography in Practice and at Google, Proofs of Security and Security Definitions and A Special Topic in C...

Existing systems often do a poor job of meeting the principle of least privilege. I will discuss how object capability systems and language-based metho...

Introduction to Modern Cryptography, Using Cryptography in Practice and at Google, Proofs of Security and Security Definitions and A Special Topic in C...

The SAML has emerged as the gold standard for building Cross-Domain SSO solutions and is a key technology in the domain of federated identity managemen...

In this screencast, I walk through the processes of configuring IIS7 on Windows Vista to enable a site to support Windows CardSpace: