Thursday, April 13, 2006

Security Developer Center: Using Application Verifier Within Your Software Development Lifecycle

Security Developer Center: Using Application Verifier Within Your Software Development Lifecycle: "The Microsoft� Application Verifier (AppVerifier) is a runtime verification tool for unmanaged code that assists in finding subtle programming errors, security issues and limited user account privilege problems that can be difficult to identify with normal application testing techniques.
Introduction
One of the biggest challenges faced by programmers, software architects, testers, and security consultants is to understand the consequences of their applications when deployed into production. Even with access to source code, it is difficult to grasp everything that will occur during execution due to a variety of dependencies (for example. multiple groups contributing to code or leveraging external components). The Microsoft AppVerifier can play a critical role in helping to manage this complexity and the potential side effects of bugs. The AppVerifierassists in finding subtle programming errors, security issues, and user account privilege problems that can be difficult to identify during a typical test pass."

Visual Studio Magazine - Guest Opinion - Software is Too Darn Hard

Visual Studio Magazine - Guest Opinion - Software is Too Darn Hard: "Software development is too darn hard. As an industry, we spend more time discussing 'plumbing' issues like Java versus .NET, or .NET remoting versus Web services, than we do discussing the design of the actual business functionality itself.
Even when we get to the business functionality, we spend most of our time fighting with the object-oriented design tools, the form-designer tools that 'help' create the UI, the holes in databinding, the data-access code (transactions, concurrency, field/column mapping), and the database design tools"

Friday, April 07, 2006

How I Work: Bill Gates - Apr. 4, 2006

How I Work: Bill Gates - Apr. 4, 2006: "NEW YORK (FORTUNE) - It's pretty incredible to look back 30 years to when Microsoft (Research) was starting and realize how work has been transformed. We're finally getting close to what I call the digital workstyle.
If you look at this office, there isn't much paper in it. On my desk I have three screens, synchronized to form a single desktop. I can drag items from one screen to the next. Once you have that large display area, you'll never go back, because it has a direct impact on productivity." ---Thanks to a colleague who forwarded this :-)

Thursday, April 06, 2006

Sharing Lego blocks: Modular software reshapes the computing landscape - Technology - International Herald Tribune

Sharing Lego blocks: Modular software reshapes the computing landscape - Technology - International Herald Tribune: "The Internet is entering its Lego era.

Blocks of interchangeable software components are proliferating on the Web, and developers are joining them together to create a potentially infinite array of useful new programs. This new software represents a marked departure from the inflexible, at times unwieldy, programs of the past, which were designed to run on individual computers.

As a result, computer industry innovation is rapidly becoming decentralized. In the place of large, intricate and self-contained programs like Microsoft Word, written and maintained by armies of programmers, smaller companies, with just a handful of developers, are now producing pioneering software and Web-based services. These new services can be delivered directly to PCs or even to cellphones. Bigger companies are taking note.

For example, Google last month bought Writely, a Web-based word-processing program created by three Silicon Valley programmers. The Google chief executive, Eric Schmidt, said that Google did not buy the program to compete against Microsoft Word. Rather, he said, it viewed Writely as a key component in hundreds of products it is now developing.

These days, there are inexpensive or free software components speeding the program-writing process. Amazon recently introduced an online storage service called S3, which offers data storage for a monthly fee of 15 cents a gigabyte. That frees a programmer building a new application or service on the Internet from having to create a potentially costly data storage system.

Google now offers eight programmable components - elements that other programmers can turn into new Web services - including Web search, maps, chat and advertising. Yahoo o"

Download details: UIP Application Block

Download details: UIP Application Block: "The User Interface Process Application Block provides a simple yet extensible framework for developing user interface processes. It is designed to abstract the control flow and state management out of the user interface layer into a user interface process layer. This helps you write generic code for the control flow and state management for different applications types (for example, Web and Windows) and helps manage user's tasks in complex scenarios (for example, suspending and resuming tasks)."

Download details: Updater Application Block version 2.0

Download details: Updater Application Block version 2.0: "The Updater Application Block is a .NET Framework component that you can use to detect, download, and apply client application updates deployed in a central location. By using the Updater Application Block, you can keep smart client applications up to date with little or no user intervention. You can also extend the Updater Application Block to use custom classes for downloading files and for performing post-deployment configuration tasks."

Web Service Security

Web Service Security: "To design, develop, and deploy secure Web services, architects and developers must learn new technologies, and consider new threats associated with exposing functionality on potentially hostile networks. To prepare you to meet these challenges (both now on Web Service Enhancements 3.0 and in the future with Windows Communication Foundation), patterns & practices has created the Web Service Security guide. This guide provides a scenario-driven approach to demonstrate where different security patterns are successful, combined with a series of decision matrices to assist you in applying your own criteria for using Web service security patterns in your environment."

MSDN Solution Architecture Center: Management at the Edge in Industry Verticals

MSDN Solution Architecture Center: Management at the Edge in Industry Verticals: "Enterprises today need to be agile and flexible enough to rapidly adapt to changing business conditions by bringing new products and services to market, adjusting internally to support business changes, and tightly controlling risks. Management is critical in achieving these goals. The IT department must be able to monitor systems and discover problems and resolve them before they affect the operations; however, the legacy infrastructure used for management is consuming the majority of the enterprise's IT budget in costly maintenance activities, leaving few resources to make the IT advances required. This paper provides the importance of management at the edge in the industry verticals and how Microsoft products can help in this area. "

MSDN Solution Architecture Center: Extending Enterprise Applications with Microsoft Outlook: Architectural Design Guide

MSDN Solution Architecture Center: Extending Enterprise Applications with Microsoft Outlook: Architectural Design Guide: "Many organizations have made multi-million dollar investments in customer relationship management (CRM) systems and other line of business (LOB) applications over the last decade. Although many of these applications have delivered significant business benefits, some organizations have found that these bespoke systems have not provided the expected returns on investment. One of the argued reasons for this is that specialized enterprise systems, databases, and applications do not integrate well with information worker workflows."

MSDN Solution Architecture Center: Stored Procedure Object Interface Layer

MSDN Solution Architecture Center: Stored Procedure Object Interface Layer: "A stored procedure is a T-SQL program that executes on SQL Server and returns parameter values and/or a ResultSet. Business rules are often encoded in stored procedures, so many applications involve calling stored procedures and processing the data they return. Invoking Stored Procedures in ADO.NET requires a lot of code for each instance. It also causes the developer to switch from an OO paradigm into a functional paradigm with relational data. This is time-consuming and error-prone. Instead, SPOIL creates an OO layer of abstraction between the application and the database. At the highest level, SPOIL creates an object abstraction exposing a stored procedure as methods on managed classes."

MSDN Solution Architecture Center: A Business-Oriented Foundation for Service Orientation

MSDN Solution Architecture Center: A Business-Oriented Foundation for Service Orientation: "Service-orientation, with the advent of Web services, is the latest technology solution put forward to automate business activities. (For a good overview of SOA and related concepts in Microsoft's connected systems strategy, please refer to Service Orientation and Its Role in Your Connected Systems Strategy.) The concepts embodied by service-orientation evolved out of long-standing efforts to modularize and distribute complex computer systems that reflect and support the reality of the distributed business world."

Representing Datacenters with Logical Datacenter Designer

Representing Datacenters with Logical Datacenter Designer: "Logical Datacenter Designer (LDD) is used to create diagrams of interconnected logical servers that represent the logical structure of a datacenter. These logical datacenter diagrams communicate important information to the developer about the target deployment environment. Using this designer, infrastructure architects can specify and configure the types of servers in the datacenter, the types of communications allowed, specific communication pathways, and types of services enabled. Logical datacenter diagrams will typically be created and owned by infrastructure architects, but will be used by developers. "

: Modeling and Tools: Introduction to Logical Datacenter Designer, Part 2

: Modeling and Tools: Introduction to Logical Datacenter Designer, Part 2: "Logical Datacenter Designer is used to create models that describe the policies and logical structure of a datacenter, including servers, firewalls, communication paths, security constraints, and other configuration requirements that affect the deployment of application systems into a datacenter. Here, we'll look at how to build a simple model using the Designer."

: Modeling and Tools: Introduction to Logical Datacenter Designer, Part 1

: Modeling and Tools: Introduction to Logical Datacenter Designer, Part 1: "Logical Datacenter Designer is used to create models that describe the policies and logical structure of a datacenter, including servers, firewalls, communication paths, security constraints, and other configuration requirements that affect the deployment of application systems into a datacenter. Logical Datacenter Designer is integrated with other Distributed System Designers, included in Visual Studio Team System. All of the designers leverage a common XML-based metafile format known as the System Definition Model (SDM). Logical Datacenter Designer is an effective tool for communicating between IT professionals and system architects."

: Modeling and Tools: Modeling for Software Development and Operations

: Modeling and Tools: Modeling for Software Development and Operations: "We use many models to design, develop, deploy, and manage technology solutions. A partial list of these models might include business cases, use case diagrams, entity relationship models, object models, code, test suites, deployment plans, logical data center models, and exception management plans. Software lifecycle methodologies have traditionally struggled to automate the production of 'downstream' models from 'upstream' models, or even to keep the different system models synchronized. This brief paper describes the modeling space and outlines current efforts to use models more effectively throughout the technology lifecycle."

Windows Server System: Enabling Heterogeneous Systems Management Through DSI

Windows Server System: Enabling Heterogeneous Systems Management Through DSI: "The Dynamic Systems Initiative (DSI) is focused on leveraging partner solutions and industry standards to ensure interoperability in heterogeneous environments. We understand that our customers have diverse environments with diverse needs. The success of DSI requires a collaborative effort among Microsoft, our partners, and industry groups to ensure that we deliver a complete solution to our customers."

Windows Server System: Core Principles of the Dynamic Systems Initiative

Windows Server System: Core Principles of the Dynamic Systems Initiative: "From a core technology perspective, the Dynamic Systems Initiative (DSI) is about building software that enables knowledge of an IT system to be created, modified, transferred, and operated on throughout the life cycle of that system. These core principles�knowledge, models, and life cycle�are the keys in addressing the complexity and manageability challenges that IT organizations face today."

Sunday, April 02, 2006

Security Considerations for Databases and Database Applications

Security Considerations for Databases and Database Applications: "Security Considerations for Databases and Database Applications
The SQL Server 2005 Database Engine helps you protect data from unauthorized disclosure and tampering. The SQL Server Database Engine security functionality includes highly-granular authentication, authorization, and validation mechanisms; strong encryption; security context switching and impersonation; and integrated key management. The following table lists important security-related topics."

Designing and Creating Databases

Designing and Creating Databases: "Designing and Creating Databases
A client/server database system is made up of two components:
Programs that provide an interface for client-based users to access data.

The database structure that manages and stores the data on the server.

For example, if you use Microsoft SQL Server 2005 to create a checking account application, you must set up a database structure to manage the account transaction data and an application that acts as the user interface to the database. This allows users to access checking account information.
Creating a database to serve your business needs requires an understanding of how to design, create, and maintain each of these components to make sure that your database performs optimally."

Overview of SQL Server 2005 for the Database Administrator

Overview of SQL Server 2005 for the Database Administrator: "
Summary: This document provides an overview of new features in Microsoft� SQL Server� 2005 for database administration and database availability, scalability, and security.
On This Page
Introduction
High Availability and Scalability
Extending High Availability to All Database Applications
Minimizing the Maintenance Window
Database Development, Deployment, and Management: A Revolutionary Tool Set
Deploying SQL Server 2005
Tools for Management and Performance Tuning
Conclusion
Appendix"

SQL Server 2005 Service Accounts

SQL Server 2005 Service Accounts: "Summary:
Are you aware that SQL Server 2005 can have up to ten services running? Working with that many service accounts can be a challenge. Steve Jones takes a look at these services and a few of the things that you will want to know before setting up SQL Server 2005. "

Yahoo! Developer Network Home - Welcome!

Yahoo! Developer Network Home - Welcome!:

Yahoo! is having developer network site, where one can get API that is used by Yahoo! in its websites. Worth looking and giving a try, to learn how its working.

Ajax (programming) - Wikipedia, the free encyclopedia

Ajax (programming) - Wikipedia, the free encyclopedia: "Ajax (programming)
From Wikipedia, the free encyclopedia
Jump to: navigation, search
Asynchronous JavaScript And XML, or its acronym, Ajax, is a Web development technique for creating interactive web applications. The intent is to make web pages to feel more responsive by exchanging small amounts of data with the server behind the scenes, so that the entire Web page does not have to be reloaded each time the user makes a change. This is meant to increase the Web page's interactivity, speed, and usability.
The Ajax technique uses a combination of:
XHTML (or HTML), CSS, for marking up and styling information.
The DOM accessed with a client-side scripting language, especially ECMAScript implementations like JavaScript and JScript, to dynamically display and interact with the information presented.
The XMLHttpRequest object to exchange data asynchronously with the web server. In some Ajax frameworks and in certain situations, an IFrame object is used instead of the XMLHttpRequest object to exchange data with the web server.
XML is commonly used as the format for transferring data back from the server, although any format will work, including preformatted HTML, plain text, JSON and even EBML. "

.NET: Introducing Generics in the CLR -- MSDN Magazine, Visual Studio 2005 Guided Tour

.NET: Introducing Generics in the CLR -- MSDN Magazine, Visual Studio 2005 Guided Tour: "Generics are a shipping feature of the Microsoft� .NET Framework 2.0, and managed code is faster, more maintainable, and more robust because of it.
Generics are an extension to the CLR's type system that allow developers to define types for which certain details are left unspecified. Instead, these details are specified when the code is referenced by consumer code. The code that references the generic type fills in the missing details, tailoring the type to its particular needs. The name generics reflects the goal of the feature: to enable the writing of code while not specifying details that might limit the scope of its usefulness. The code itself is generic. I'll get more specific in just a moment.

A First Look at Generics

As with any new technology, it is helpful to ask just why it's useful. Those of you who are familiar with templates in C++ will find that generics serve a similar purpose in managed code. However, I hesitate to draw too much of a comparison between CLR generics and C++ templates because generics have some additional benefits, as well as some limitations.
Some of the strengths of CLR generics are compile-time type safety, binary code reuse, performance, and clarity. I'll briefly describe these benefits, and as you read the rest of this article, you'll understand them in more detail. As an example let's take two hypothetical collection classes: SortedList, a collection of Object references, and GenericSortedList, a collection of any typeT."

.NET Profiling: Write Profilers With Ease Using High-Level Wrapper Classes -- MSDN Magazine, April 2006

.NET Profiling: Write Profilers With Ease Using High-Level Wrapper Classes -- MSDN Magazine, April 2006: " Profiling API of the common language runtime (CLR) provides services that exceed the needs of typical function and memory profilers. The latest extensions of the Profiling API for the Microsoft� .NET Framework 2.0 increase this functionality even further. These extensions enable tools to trace not only method calls at the class level, but also data flow across assembly boundaries without the need to instrument Common Intermediate Language (CIL) code for that purpose.
However, the powerful functionality and technical details of this API compromise its simplicity and usefulness. Programming with the CLR Profiling API can be laborious and error-prone because the numerous services are organized in an interface that applies a primarily functional design at a low level of abstraction.
In this article we will present a high-level, easy-to-grasp, and easy-to-apply profiling API, based on the CLR Profiling API, that conceals the mechanisms necessary to filter elementary profiling data and to rejoin them into semantically coherent concepts. Programming with the high-level API should considerably reduce the development effort required to construct various types of tools that profile a program, as it affords an abstraction level close to that of high-level languages within the .NET Framework."

Service Station: Migrating to WSE 3.0 -- MSDN Magazine, April 2006

Service Station: Migrating to WSE 3.0 -- MSDN Magazine, April 2006: "Major Changes in WSE 3.0

MSDN� recently published an article entitled 'What's New in WSE 3.0,' written by Mark Fussell, Lead Program Manager on the WSE team. This article summarizes the major changes and improvements to the product since WSE 2.0, including integration with the .NET Framework 2.0 and Visual Studio� 2005, simplified security through a new-and-improved policy architecture, and support for sending large amounts of data with Message Transmission Optimization Mechanism (MTOM). Additional changes include improved session management (via WS-SecureConversation), support for hosting ASMX services outside of IIS, and support for the latest WS-* specifications.
Although the WSE team tried hard to ensure backward compatibility, some of these changes affect the core programming model that you must address to update existing WSE 2.0 solutions.
The good news is, once you've migrated to WSE 3.0, you'll have more communications options. WSE 3.0 supports the latest WS-* specifications�the same ones supported by Windows� Communication Foundation (WCF)�making WSE 3.0 and WCF wire-compatible. This means WCF clients can interoperate with WSE 3.0 services and vice versa, removing the need for continued migration."

The Architecture Journal - Issue 6: Behavioral Software Architecture Language

The Architecture Journal - Issue 6: Behavioral Software Architecture Language: "Behavioral Software Architecture Language
by Behzad Karim
Summary: Software architecture is a hot keyword these days for people in our profession. It seems everyone is out to discover the true potential of the software architecture and what it can bring into play for them. The basic idea of architecture definition is to design software structure and object interaction before the detailed design phase. Although serious architecture definition is being suggested for large projects only, arguably any software construction or implementation work must be preceded by an architectural design and approval phase. Get acquainted with BASL, a language that unifies software architecture definition with software implementation (coding)."

The Architecture Journal - Best Practices for Rule-Based Application Development

The Architecture Journal: "Best Practices for Rule-Based Application Development
Dennis Merritt
Amzi! Inc.
January 2004
Summary: Takes a high level view of knowledge and looks at different types of knowledge and their mappings to executable computer code to gain insights into when and why rule engines provide advantages over conventional software development tools. "

Saturday, April 01, 2006

Working with Skins and new controls in .NET 2005

I was helping the team in getting a proper UI.

We are using SKins and Themes for the same.

Getting a proper look for all controls was easy except for the following:
Grid View
Details View
Forms View

AFter a lot of experimenting and failures, I decided to get the desired look using the properties, and implement the code in Skin with changes. And it worked.

I am presenting the sample for different controls for convenience of those who need it.

Grid View, we need to give the Skin as below:





For Wizard, we need to give it as below:

StepPreviousButtonType="Link" BackColor="#EFF3FB" BorderColor="#B5C7DE" BorderWidth="1px" Font-Names="Verdana">


BorderWidth="1px" Font-Names="Verdana" Font-Size="8pt" ForeColor="#284E98" />

Font-Bold="True" Font-Size="8pt" ForeColor="White" HorizontalAlign="Center" />


For Buttons inlcuded in any of the Controls listed above, we need to mention in the source code where ever we see
or


ButtonClass is a class in the CSS file that defines the style. If this piece of code is not added, you may end up seeing small buttons on the screen.

One more thing I had found out while working is that Skin is having less effect on DetailsView.

Please correct me if I am wrong.