Comment Feed for Channel 9 - Identity and Access Control http://media.ch9.ms/ch9/c43b/4342e22f-d6fd-4129-ab54-fddd3e98c43b/subscribeidentity_220.jpg Channel 9 - Identity and Access Control Today I woke up thinking that talking about Identity and Access Control and how your strategy around that affects you (web-) app's architecture without going too deeply into the security lingo that usually comes with it. Here's the 40 minute result. I start with HTTP's "native" authentication model RFC 2617 and how that's universally bad, with both Basic and Digest authentication having issues Digest being, ironically worse for the overall security strategy. Then I dive into why models that use tokens (or cookies) are better in terms of security and scalability and explore a range of variations amongst those. en Wed, 22 May 2013 01:47:08 GMT Wed, 22 May 2013 01:47:08 GMT Rev9 Re: Identity and Access Control Clemens mentions a Firefox plug-in that helps steal session cookies over wifi, but he could not recall the name. I believe he was thinking of Firesheep: http://codebutler.com/firesheep/

posted by codingoutloud

]]> http://channel9.msdn.com/Blogs/Subscribe/Identity-and-Access-Control#c634909386214032612 Wed, 12 Dec 2012 19:50:21 GMT http://channel9.msdn.com/Blogs/Subscribe/Identity-and-Access-Control#c634909386214032612 codingoutloud Re: Identity and Access Control A great primer for those new to ACS and federated security.  Thanks for publishing this.

 

Kent

posted by kentweare

]]> http://channel9.msdn.com/Blogs/Subscribe/Identity-and-Access-Control#c634921449097236400 Wed, 26 Dec 2012 18:55:09 GMT http://channel9.msdn.com/Blogs/Subscribe/Identity-and-Access-Control#c634921449097236400 kentweare Re: Identity and Access Control This is really a great introduction into ACS and its feature-set on a conceptual base. What I miss the most, are some samples, or better some video demonstration, about WCF and best practices regarding service throttling on Azure. A video only about WCF being hosted in Worker Roles on Azure using ACS would also be great Smiley

Thank you.

 

Ilija

 

posted by ilija injac

]]> http://channel9.msdn.com/Blogs/Subscribe/Identity-and-Access-Control#c634934099693440558 Thu, 10 Jan 2013 10:19:29 GMT http://channel9.msdn.com/Blogs/Subscribe/Identity-and-Access-Control#c634934099693440558 ilija injac