Greg Beech's Website
Greg Beech's Tech Blog » All Tags » Security (RSS)

Browse by Tags

  • Partial message encryption in BizTalk pipelines

    If you are receiving messages which contain potentially sensitive data, for example credit card details or bank identifier codes, then you may not want to allow these to enter BizTalk unencrypted as there will be plain-text copies of the data in the message box database. On the other hand, you don't want to encrypt the entire message as its type and at least some of the content are probably needed...
    Filed under: ,

  • CRC and HMAC algorithm implementations for .NET

    The .NET Framework 1.1 provides a lot of built in security classes but unfortunately the two I needed for my current project are missing: A 32-bit Cyclic Redundancy Check (CRC) algorithm and a Hash-based Message Authentication Code (HMAC) algorithm using MD5 rather than SHA1. There are a lot of implementations of CRC algorithms on the web, but most are incorrectly implemented, and none are high quality...
    Filed under:

  • Changing WSE2 WS-Security algorithms and transforms

    In a system with well-known end-points, using WS-Addressing and WS-Security with X509 certificates is a great way to authenticate web services, and ensure that the messages are from the right people and have not been tampered with. The basic setup can be implemented very quickly if you're happy with the default way messages are passed, but when you have other requirements such as changing the digest...
    Filed under: ,
Copyright (C) Greg Beech. All rights reserved.
Powered by Community Server (Non-Commercial Edition), by Telligent Systems