Laser Combat @Ranway9 Hyd

Winning Laser Combat team@ Runway9. From LtoR - Ravi,Raghu,Mahavir,Anil,Mark,Neha

Securing Microsoft’s Cloud Infrastructure

Good white paper on Microsoft take of Cloud Security.
The Online Services Security and Compliance (OSSC) team within the Global Foundation Services (GFS) division builds on the same security principles and processes Microsoft has developed through years of experience managing security risks in
traditional development and operating environments. More

I am at Tech Ed 2009@HICC ,Hyderabad India

I am at Tech Ed 2009@HICC ,Hyderabad India

CSSLP certified Now.

I am CSSLP certified now. :)

One Place holder for most the security stuff..

Thanks to J.D for creating this Place folder for most of the security related stuff..
From J.D Meiers. Blog entry.
"This post is a simple way to get to my stuff on MSDN. I always get asked how to find my patterns & practices stuff on MSDN. I always have a hard time finding it. I'm presenting at our Executive Briefing Center (EBC) today, so now I have a simple response for when I get asked, "OK, so where do we find this?"" more

S/MIME Vs RMS -Part II

Characteristic	S/MIME	RMS
Strong private key protection	Possible	Not possible
Private key storage	Disk (user profile), smart card	RM Account Certificate
usage rights (copy, print, forward)	No	Yes
Data rights can be configured to expire	No	Yes
Ease of use	Medium	Medium
Managerial efforts	High	Medium
Symmetric encryption algorithms	DES, 3DES, RC2 (Outlook)	DES, AES
Asymmetric encryption algorithms	RSA	RSA
PKI	Yes	No
Trust Relationship possible	Yes, through cross certification or sub-ordination	Trust relationships can be configured between RM Servers.
Compatibility	S/MIME, X.509 are cross-platform standards. S/MIME is implemented in most mail clients.	XrML is submitted as standard. IRM is only implemented in Outlook 2003; view-only functionality available in RMA. Additional clients can add IRM functionality through RM Client SDK.
Revocation checking	Done by the client (configurable), encrypted content is still accessible if cert not valid	Done by the server (when issuing EULs), encrypted content is not accessible once old licenses expire.
Expiration behavior	Expiration of the user's certificate does not affect decryption of encrypted files, but does prevent subsequent encryption of emails.	Expiration of user's RM account certificate will immediately prevent decryption of any existing or new RM-protected information.

S/MIME Vs RMS -Part I

S/MIME	RMS
Provides non-repudiation and identity attestation of the sender	Provides information usage policy enforcement
Provides for integrity protection and proof of tampering (signature validation)	Prevents tampering due to encryption
Security boundary may span outside corporate boundaries and firewalls	Policy persisted with the content
End to end encryption prevents sniffing and message interception	End to end encryption prevents sniffing and message interception
Cross-platform interoperability and wide application support	Windows Platform only (98SE and above), CE and Mac next
Two factor authentication for sending and receiving s/mime enabled mail	Prevents users from using expired content or information
Strong encryption and very large key sizes	Fixed encryption key sizes and algorithms
Limited message compression only in OWA	Provides message compression for all modes

Threat Model of "Star Wars"

Death Star Threat Modeling –

Part 1- http://www.youtube.com/watch?v=x0HfHmRN9x4
Part 2- http://www.youtube.com/watch?v=OHnXsL4Z3vo
Part -3 http://www.youtube.com/watch?v=ZWT_5TGZ5h4