.NET Framework Security

Brian A. LaMacchia is the Development Lead for .NET Framework Security at Microsoft Corporation in Redmond, WA, a position he has held since April 1999. Previously, Dr. LaMacchia was the Program Manager for core cryptography in Windows 2000 and, prior to joining Microsoft in 1997, he was a Senior Member of Technical Staff in the Public Policy Research Group at AT&T LabsÑResearch in Florham Park, NJ. He received S.B., S.M., and Ph.D. degrees in Electrical Engineering and Computer Science from MIT in 1990, 1991, and 1996, respectively. Sebastian Lange has been working at Microsoft as Program Manager on the .NET Framework Common Language Runtime security team for over two years. He focuses on security configuration, administration, type safety verification, and secure hosting of the CLR. Prior to his work on security, Sebastian has done research and design in artificial intelligence, both in industry as well as in university. He holds a B.A. in Computer Science and a B.A. in Philosophy from Macalester College. In his spare time, Sebastian practices a variety of musical instruments, and can be seen playing the electric viola for his band Elysian up and down the west coast. Matthew Lyons is the QA lead for security features of the Common Language Runtime at Microsoft Corporation. He has been testing and developing against the internal workings of .NET Framework security for over two years. Before that, he spent two years testing public key cryptography and the certificate services in Windows 2000. Matt received a B.S. in Applied Physics from Purdue University in 1997 and is currently working on an M.S. in Computer Science at the University of Washington. Rudi Martin graduated from Glasgow University (Scotland, U.K.) in 1991 with a B.S.C. in Computing Science. He spent seven years working for Digital Equipment Corporation in the operating systems group, covering areas such as file systems, interprocess communications, and transaction processing. Rudi joined the NDP group at Microsoft in 1999, where he worked in the core execution engine and the security subsystem. He worked on the OpenVMS platform, transitioned to Windows NT, and has been very busy with the Common Language Runtime security group. Kevin T. Price has been a software architect for over seven years specializing in Web-based applications. He is presently a Senior Software Architect for CMS Information Services in Vienna, VA. Kevin has edited books on .NET as well as authored chapters in BizTalk Unleashed. The material and code samples found in his chapters reflect real-world experience. Focusing on the securing of information and platform scalability. Mr. Price has both architecture and hands-on experience using technologies including ASP, Crypto API, JSP, Java, COM/DCOM, VB, C++, .NET, and numerous other technologies related to the Internet and/or the Microsoft-based toolset.