SEARCH RESULTS
 
Showing 1-10 of 112 records
 
Expand article

Workflow Services Context

2008-02-14 13:35:00 by Keith Brown in Security Briefs
 
...ContextBinding and friends silently manage a workflow instance id for you under the covers. The first time you make a request through one of these bindings, a workflow is created, and the instance id is sent back to the client via a SOAP header. It's then stored in the channel and sent back with every subsequent request so that further...
 
Tags: workflow, guid instanceid, guid, workflow instance, channel, instance, instanceid, instanceid guid, context
 
 
 
 
Expand article

Workflow Services Context

2008-02-14 20:35:00 by keith-brown in Security Briefs
 
...ContextBinding and friends silently manage a workflow instance id for you under the covers. The first time you make a request through one of these bindings, a workflow is created, and the instance id is sent back to the client via a SOAP header. It's then stored in the channel and sent back with every subsequent request so that further...
 
Tags: workflow, guid instanceid, guid, workflow instance, channel, instance, instanceid, instanceid guid, context
 
 
 
 
Expand article

Workflow Services Context

2008-02-14 20:35:00 by keith-brown in Security Briefs
 
...ContextBinding and friends silently manage a workflow instance id for you under the covers. The first time you make a request through one of these bindings, a workflow is created, and the instance id is sent back to the client via a SOAP header. It's then stored in the channel and sent back with every subsequent request so that further...
 
Tags: workflow, guid instanceid, guid, workflow instance, channel, instance, instanceid, instanceid guid, context
 
 
 
 
Expand article

Logging Poll #8 Analysis: Needed Log Context

The Article has images
2008-06-03 08:38:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
...context information is needed to make sense of a confusing log entry Sixth , what was surprising? I thought that identity lookups (e.g. IP to real name or other user identity information) would score higher. I also suspect that people were confused by "logs ABOUT the same systems" (what I meant is, for example, use firewall logs that mention...
 
Tags: log, recent log entry, strange log entry, log time stamps, log record, heavy log, log entry, complement logs, logs
 
 
 
 
Expand article

Automating web application security testing

2007-07-16 11:40:00 by Panayiotis Mavrommatis in Google Online Security Blog
 
...context of the victim's web session. Any web application that serves documents that include data from untrusted sources could be vulnerable to XSS if the untrusted data is not appropriately sanitized. A web application that is vulnerable to XSS can be exploited in two major ways Stored XSS - Commonly exploited in a web application where one...
 
Tags: web application, application, input, input parameters, accepts user input, xss, xss vulnerabilities, security, security team check
 
 
 
 
Expand article

Why Do We Accept Signatures by Fax?

2008-05-29 01:00:00 by Bruce Schneier in Wired Security
 
...context of the larger system. Fax signatures work because signed faxes exist within a broader communications context In a 2003 paper, Economics, Psychology, and Sociology of Security , professor Andrew Odlyzko looks at fax signatures and concludes Although fax signatures have become widespread, their usage is restricted. They are not used for...
 
Tags: fax, fax communications, fax insecurity, insecurity, fax machines, fax message, treat fax signatures, fax document, document
 
 
 
 
Expand article

Fax Signatures

2008-06-03 07:01:20 by schneier in Schneier on Security
 
...context of the larger system. Fax signatures work because signed faxes exist within a broader communications context In a 2003 paper, "Economics, Psychology, and Sociology of Security," Professor Andrew Odlyzko looks at fax signatures and concludes: Although fax signatures have become widespread, their usage is restricted. They are not used...
 
Tags: fax, fax signatures, fax communications, fax insecurity, insecurity, fax machines, fax message, treat fax signatures, fax document
 
 
 
 
Expand article

Fax Signatures

2008-06-03 07:01:20 by schneier in Schneier on Security
 
...context of the larger system. Fax signatures work because signed faxes exist within a broader communications context In a 2003 paper, "Economics, Psychology, and Sociology of Security," Professor Andrew Odlyzko looks at fax signatures and concludes: Although fax signatures have become widespread, their usage is restricted. They are not used...
 
Tags: fax, fax signatures, fax communications, fax insecurity, insecurity, fax machines, fax message, treat fax signatures, fax document
 
 
 
 
Expand article

Banning function calls, assurance, and retrofitting

2008-03-18 19:48:00 by Security Retentive in Security Retentive
 
...context the static analyzer has, and how much manual review you really want to put up with Let me give a specific example Coverity's Prevent analyzer has a number of built-in "unsafe" functions defined. The list includes the standard cast such as scanf, strcpy, strcat, etc. On top of that though they add some things that didn't make...
 
Tags: code review experience, code, security sensitive context, context, security critical context, unsafe context, static analyzer, file defects, rand
 
 
 
 
Expand article

A Blast from the Past: CEP at Stanford,1998-2003

2008-07-07 19:20:21 by Tim Bass in The Complex Event Processing Blog
 
...Context-Based Correlation in Network Operations and Management . Louis Perrochon (work in progress, mail author for newest version) Abstract: Network operation consists to a large degree of reaction to activities happening in the network. Better knowledge of