Navigation

Home
Gemalto

Search

Categories

 
 
 
 
 
 
 
 
 
 

On this page

Sixth Law : The Law of Human Integration
ClickOnce Vs Windows Installer
Updater Application Block - An Excellent piece of work

Archive

March, 2007 (2)
February, 2007 (1)
July, 2006 (1)
June, 2006 (1)
March, 2006 (3)
December, 2005 (3)
October, 2005 (1)
July, 2005 (6)
May, 2005 (1)
March, 2005 (4)
February, 2005 (1)
January, 2005 (3)
December, 2004 (1)
November, 2004 (4)
October, 2004 (1)
September, 2004 (5)
August, 2004 (3)
July, 2004 (5)

Blogroll

 .NET Security Blog
 Aaron Skonnard
 Andre Durand
 Andy's InfoCard Blog
 Craig Burton
 Dave Kearns
 Don Box
 Gunnar Peterson
 James McGovern
 Jamie Lewis
 Jeffrey Schlimmer
 John Kemp
 Kim Cameron
 Pat Peterson
 Paul Madsen
 Rico Mariani
 Sara gates
 Scott C Lemon
 Steve Maine
 Tim Ewald
 Tom Scavo

Disclaimer
The opinions expressed herein are my own personal opinions and do not represent my employer's view in anyway.

RSS 2.0 | Atom 1.0 | CDF

Send mail to the author(s) E-mail

Sign In
Pick a theme:

 Tuesday, January 25, 2005
Sixth Law : The Law of Human Integration
Tuesday, January 25, 2005 8:13:50 PM (Central Standard Time, UTC-06:00) ( )
Basically this Law says that identity system must define human user as one of the component in distributed systems and communication between human-machine should be protected against attacks.
 
Kim writes more,
    Returning to the discussion we've just had about the problems with today's browsers, I would summarize my thinking by saying we have done a pretty good job of cryptographically securing the channel between web servers and browsers - a channel that might extend for thousands of miles.  But we haven't done a very good job at all of setting up the two or three foot channel between the browser and the human who uses it.  And this is the channel that is attacked by phishers. 
 
I tried to solve the problem of Phishing and unsecured browser-human channel by providing an alternative to address bar (I know Kim is not a big fan of 'yet another address bar'). The alternative is that if user has identified his Service provider he/she can store the link to it as a metadata in Smartcard and once he has successfully pinned his Smartcard, this meta data will be extracted (securely) by some custom control in browser. I used this approach in Liberty LECP profile demo using .NET Smartcard storing the list of service providers as Xml metadata.
 
I feel that if we can achieve such kind of interaction [friendly enough for non-technical users] with the human element in distributed systems we should be good ? ....... Please comment.
Comments [2] | Trackback | # 
 Saturday, January 22, 2005
ClickOnce Vs Windows Installer
Saturday, January 22, 2005 12:08:53 PM (Central Standard Time, UTC-06:00) ( )
Michael Sanford has a written a great article on comparison of ClickOnce and Windows installer technologies showing the differences in the features and when its ideal to use a particular
technology.
 
Message I got from this article that ClickOnce is not eliminating the Windows Installer but complement Windows installer by providing a robust, secure and easy way to update the applications installed using installer.
 
 
Comments [1] | Trackback | # 
Updater Application Block - An Excellent piece of work
Saturday, January 22, 2005 11:56:55 AM (Central Standard Time, UTC-06:00) ( )
Although all the application blocks from Microsoft patterns and practices are great the one that I have liked the most and actually using in my product is UAB [Updater Application Block]. For a while I was playing around with version 1 posted here until last month I realized gotdotnet.com has a workspace for UAB and enhanced the application block in substantial way. UAB is in its version 2 now.
 
This is really great piece of work and would recommend people to use it.
Comments [0] | Trackback | #