Academic Resource Center

in	Advanced Search

Click below to find specific academic materials:

Categories

Author

Computer Science Areas

Level

Technologies

Usage Type

Special Collaboration Areas

Business Intelligence	Robotics
Compilers, Languages, Runtimes	Sensor Networks
Embedded Systems	Software Engineering
Gaming and Graphics	Technology in Learning
Mobility	Trustworthy Computing
Networking	Updates from Microsoft Research
Operating Systems

Home > Trustworthy Computing (93 Object(s) in 14 Usage Type(s) found)

Faculty Preparation: Course Outline

Defense Against the Dark Arts Course Materials - 08/11/2008
This course presents the art of virus detection. It uses the Microsoft Experimental Compiler Phoenix to break down compiled virus code and other techniques such as lexicographical analysis to teach students about computer virus in a safe and ethical manner.

Faculty Preparation: Professional Development

Information Security Curriculum: Computing Curriculum Workshop 2004 - 05/25/2004
In this presentation from the 2004 Computing Curriculum, Asst. Professor Dr. Brad Jensen, University of North Texas, showcases a course that provides students with an introduction to the various technical and management aspects of information security and information assurance.

Faculty Preparation: Textbook

		ASP.NET Security - 07/23/2003 Covers every topic from building secure pages, to security configuration.
		Security for Microsoft® Visual Basic® .NET - 05/05/2003 This procedural book teaches developers how to add security features to applications and how to deploy and run them securely with Visual Basic, the most popular programming language.
		Writing Secure Code - 04/18/2002 Keep the bad guys at bay with this entertaining, eye-opening book. You'll learn how to padlock your applications throughout development-with advice from two battle-scarred veterans who have solved some of the toughest security problems in the industry.

Learning Activities: Executable Program

.NET Security - 01/10/2004
In this course, students learn how to be prepared for security threats early in the life cycle of their projects.

Learning Activities: Exercise/Exam

		.NET Security - 01/10/2004 In this course, students learn how to be prepared for security threats early in the life cycle of their projects.
		CAS Enforcement Quiz - .NET Security - 01/20/2004 Five question quiz on CAS enforcement.
		CAS Policy Quiz - .NET Security - 01/20/2004 This quiz asks six questions about CAS policy.
		COM+ (System.EnterpriseServices) Quiz - .NET Security - 01/20/2004 This quiz asks five questions about Microsoft COM+ and System.EnterpriseServices.
		Conventional Cryptography and Kerberos Quiz - .NET Security - 01/20/2004 This quiz asks five questions about conventional cryptography and Kerberos.
		Dumb Code Quiz - .NET Security - 01/20/2004 This quiz asks five questions about dumb code.
		Operating System Security in a Windows Server Environment - 02/08/2005 In this tutorial you will learn which threats a server machine is exposed to when connected to the internet and how to face them. You learn how to minimize the risk caused by network services running on your server.
		Public Key Cryptography and SSL Quiz - .NET Security - 01/20/2004 This quiz asks six questions about public key cryptography and SSL.
		Remoting Quiz - .NET Security - 01/20/2004 This quiz asks four questions about remoting.
		Security Teaching Objects - Advanced Buffers - 2 of 2 (Slides) - 12/06/2006 This session continues coverage of buffer overruns by diving into details on heap overruns and string format bugs, which rely on buffer overruns. It also covers the use of Application Verifier to discover heap overrun bugs.
		Security Teaching Objects - Buffer Overruns - 2 of 2 (Video) - 12/06/2006 This session covers the fundamentals of buffer overruns, focusing on stack overruns. As well as the tools and techniques that may be employed to prevent them.
		Security Teaching Objects - Cross Site Scripting - 2 of 2 (Slides) - 12/06/2006 This session covers defending against the practice of using malicious scripts to trick a user's browser into performing unapproved actions.
		Security Teaching Objects - Cryptography - 2 of 2 (Slides) - 12/06/2006 This session covers the fundamentals of cryptography. Topics include encryption, hashing, and digital signatures.
		Security Teaching Objects - Integer Overflow - 2 of 2 (Slides) - 12/06/2006 This session provides a primer on binary and dives into the inherent risks in working with numbers, such as signed/unsigned mismatches, truncation, and ANSI/UNICODE mismatches.
		Security Teaching Objects - Race Conditions - 2 of 2 (Slides) - 12/06/2006 This session covers the fundamentals of race conditions, as well as the potential threats they pose in the hands of a malicious user.
		Security Teaching Objects - Resource Management - 2 of 2 (Slides) - 12/06/2006 This session covers the importance of proper resource management. It includes coverage of several scenarios in which seemingly well-behaved code puts users at risk by failing to pay close attention to return values and other error indicators.
		Security Teaching Objects - Security Compliance Issues - 2 of 2 (Slides) - 12/06/2006 This session covers the important issues in security compliance as required by US laws and regulations. It also provides a general overview of the security compliance process.
		Security Teaching Objects - SQL Injection - 2 of 2 (Slides) - 12/06/2006 This session covers defending against the practice of providing malicious input to database-driven applications that can have unexpected and often dangerous effects.
		Security Teaching Objects - Threat Modeling - 2 of 2 (Slides) - 12/06/2006 This session covers threat modeling, which is the process of categorizing, prioritizing, and mitigating security threats in a system. It will cover both STRIDE categorization and DREAD prioritization. It is intended to be the first session delivered in the series.
		Security Teaching Objects - Trusting User Input - 2 of 2 (Slides) - 12/06/2006 This session covers the various ways users can provide bad input to an application, as well as ways to sanitize it for protection. It includes heavy coverage of regular expressions.
		Threat Modeling - .NET Security - 01/20/2004 This quiz asks four questions about threat modeling.
		Web Services Quiz - .NET Security - 01/20/2004 This quiz asks four questions about Web services.
		Web-Application Security Quiz - .NET Security - 01/20/2004 This quiz asks five questions about Web-Application Security.
		Windows Security 101 Quiz - .NET Security - 01/20/2004 Seven questions quiz on Microsoft® Windows® security.
		Windows Security 102 Quiz - .NET Security - 01/20/2004 This quiz asks six questions about Microsoft® Windows® security.

Learning Activities: Lab

		.NET Security - 01/10/2004 In this course, students learn how to be prepared for security threats early in the life cycle of their projects.
		CAS Enforcement Lab - .NET Security - 01/20/2004 In this exercise, you’ll experiment with deploying a Microsoft® Windows® Forms application on the Intranet.
		CAS Policy Lab - .NET Security - 01/20/2004 In this exercise, you’ll look at the way policy levels hang together and become familiar with the various permissions that are defined by the Microsoft® .NET Framework.
		COM Lab - .NET Security - 01/20/2004 This exercise walks you through building and securing a managed COM+ server.
		Conventional Crypto Lab - .NET Security - 01/20/2004 In this lab, you’ll work with files and passwords, deriving a conventional key from a password and using that key to encrypt the file.
		Impersonation Lab - .NET Security - 01/20/2004 In this lab, you’ll gain some hands-on experience with impersonation. 2) See some examples of dumb code leading to security holes.
		Operating System Security in a Windows Server Environment - 02/08/2005 In this tutorial you will learn which threats a server machine is exposed to when connected to the internet and how to face them. You learn how to minimize the risk caused by network services running on your server.
		Public Key Crypto Lab - .NET Security - 01/20/2004 In this lab, you’ll build a socket-based architecture for sending and receiving signed and encrypted messages.
		Remoting Lab - .NET Security - 01/20/2004 In this exercise, you’ll add security to an existing remoting application.
		Tokens Lab - .NET Security - 01/20/2004 In this lab, you’ll set up a simple Kerberos-based distributed system.
		Web Application Security Lab - .NET Security - 01/20/2004 In this lab, you’ll build the infrastructure that enables a Web application to support forms authentication and integrated Microsoft Windows® authentication.
		Web Services Lab - .NET Security - 01/20/2004 In this exercise, you’ll experiment with an early implementation of the WS-Security specification and the Web Services Enhancements toolkit from Microsoft.

Learning Activities: Project

Presentation Materials: Audiovisual Content

		Microsoft Academic Days on Business Applications, Relational Databases, and Security - Microsoft SQL Scripts for the Dynamics GP Accountant - 1 of 2 (Video) - 11/30/2007 In this presentation the presenter will share Microsoft SQL scripts for Microsoft Dynamics GP that are easy to run and understand.
		Security Teaching Objects - Advanced Buffers - 1 of 2 (Video) - 12/06/2006 This session continues coverage of buffer overruns by diving into details on heap overruns and string format bugs, which rely on buffer overruns. It also covers the use of Application Verifier to discover heap overrun bugs.
		Security Teaching Objects - Buffer Overruns - 1 of 2 (Video) - 12/06/2006 This session covers the fundamentals of buffer overruns, focusing on stack overruns. As well as the tools and techniques that may be employed to prevent them.
		Security Teaching Objects - Cross Site Scripting - 1 of 2 (Video) - 12/06/2006 This session covers defending against the practice of using malicious scripts to trick a user's browser into performing unapproved actions.
		Security Teaching Objects - Cryptography - 1 of 2 (Video) - 12/06/2006 This session covers the fundamentals of cryptography. Topics include encryption, hashing, and digital signatures.
		Security Teaching Objects - Integer Overflow - 1 of 2 (Slides) - 12/06/2006 This session provides a primer on binary and dives into the inherent risks in working with numbers, such as signed/unsigned mismatches, truncation, and ANSI/UNICODE mismatches.
		Security Teaching Objects - Race Conditions - 1 of 2 (Video) - 12/06/2006 This session covers the fundamentals of race conditions, as well as the potential threats they pose in the hands of a malicious user.
		Security Teaching Objects - Resource Management - 1 of 2 (Video) - 12/06/2006 This session covers the importance of proper resource management. It includes coverage of several scenarios in which seemingly well-behaved code puts users at risk by failing to pay close attention to return values and other error indicators.
		Security Teaching Objects - Security Compliance Issues - 1 of 2 (Video) - 12/06/2006 This session covers the important issues in security compliance as required by US laws and regulations. It also provides a general overview of the security compliance process.
		Security Teaching Objects - SQL Injection - 1 of 2 (Video) - 12/06/2006 This session covers defending against the practice of providing malicious input to database-driven applications that can have unexpected and often dangerous effects.
		Security Teaching Objects - Threat Modeling - 1 of 2 (Video) - 12/06/2006 This session covers threat modeling, which is the process of categorizing, prioritizing, and mitigating security threats in a system. It will cover both STRIDE categorization and DREAD prioritization. It is intended to be the first session delivered in the series.
		Security Teaching Objects - Trusting User Input - 1 of 2 (Video) - 12/06/2006 This session covers the various ways users can provide bad input to an application, as well as ways to sanitize it for protection. It includes heavy coverage of regular expressions.
		Web Service Security:Theory and Practice (w/ narration) - 1 of 2 (Video) - 04/26/2004 This presentation (slides w/ audio) from Microsoft Research’s Fourth Crash Course for Faculty and PhD students discusses Microsoft WSE, WSDL, SOAP, cryptyc, and app-level and message level syntax.
		Writing Secure and Hack Resistant Code Part 1 (w/ narration): MSR Crash Course 4 - 1 of 6 (Video) - 04/26/2004 This presentation (slides w/ narration) from Microsoft Research’s Fourth Crash Course for Faculty and PhD students discusses best practices for writing secure code and Microsoft threat modeling designs.
		Writing Secure and Hack Resistant Code Part 1 (w/ narration): MSR Crash Course 4 - 2 of 6 (Video) - 04/26/2004 This presentation (slides w/ narration) from Microsoft Research’s Fourth Crash Course for Faculty and PhD students discusses best practices for writing secure code and Microsoft threat modeling designs.
		Writing Secure and Hack Resistant Code Part 1 (w/ narration): MSR Crash Course 4 - 3 of 6 (Video) - 04/26/2004 This presentation (slides w/ narration) from Microsoft Research’s Fourth Crash Course for Faculty and PhD students discusses best practices for writing secure code and Microsoft threat modeling designs.
		Writing Secure and Hack Resistant Code Part 1 (w/ narration): MSR Crash Course 4 - 4 of 6 (Video) - 04/26/2004 This presentation (slides w/ narration) from Microsoft Research’s Fourth Crash Course for Faculty and PhD students discusses best practices for writing secure code and Microsoft threat modeling designs.
		Writing Secure and Hack Resistant Code Part 1 (w/ narration): MSR Crash Course 4 - 5 of 6 (Video) - 04/26/2004 This presentation (slides w/ narration) from Microsoft Research’s Fourth Crash Course for Faculty and PhD students discusses best practices for writing secure code and Microsoft threat modeling designs.
		Writing Secure and Hack Resistant Code Part 2 (w/ narration): MSR Crash Course 4 - 2 of 4 (Video) - 04/26/2004 This presentation (slides w/ narration) from Microsoft Research’s Fourth Crash Course for Faculty and PhD students discusses best practices for writing secure code and Microsoft threat modeling designs.
		Writing Secure and Hack Resistant Code Part 2 (w/ narration): MSR Crash Course 4 - 3 of 4 (Video) - 04/26/2004 This presentation (slides w/ narration) from Microsoft Research’s Fourth Crash Course for Faculty and PhD students discusses best practices for writing secure code and Microsoft threat modeling designs.
		Writing Secure and Hack Resistant Code Part 2 (w/ narration): MSR Crash Course 4 - 4 of 4 (Video) - 04/26/2004 This presentation (slides w/ narration) from Microsoft Research’s Fourth Crash Course for Faculty and PhD students discusses best practices for writing secure code and Microsoft threat modeling designs.

Presentation Materials: Demo

		Defense Against the Dark Arts Course Materials - 08/11/2008 This course presents the art of virus detection. It uses the Microsoft Experimental Compiler Phoenix to break down compiled virus code and other techniques such as lexicographical analysis to teach students about computer virus in a safe and ethical manner.
		Microsoft Academic Days on Business Applications, Relational Databases, and Security - Microsoft SQL Scripts for the Dynamics GP Accountant - 2 of 2 (Slides) - 11/30/2007 In this presentation the presenter will share Microsoft SQL scripts for Microsoft Dynamics GP that are easy to run and understand.
		Security Teaching Objects - Advanced Buffers - 2 of 2 (Slides) - 12/06/2006 This session continues coverage of buffer overruns by diving into details on heap overruns and string format bugs, which rely on buffer overruns. It also covers the use of Application Verifier to discover heap overrun bugs.
		Security Teaching Objects - Buffer Overruns - 2 of 2 (Video) - 12/06/2006 This session covers the fundamentals of buffer overruns, focusing on stack overruns. As well as the tools and techniques that may be employed to prevent them.
		Security Teaching Objects - Cross Site Scripting - 2 of 2 (Slides) - 12/06/2006 This session covers defending against the practice of using malicious scripts to trick a user's browser into performing unapproved actions.
		Security Teaching Objects - Cryptography - 2 of 2 (Slides) - 12/06/2006 This session covers the fundamentals of cryptography. Topics include encryption, hashing, and digital signatures.
		Security Teaching Objects - Integer Overflow - 2 of 2 (Slides) - 12/06/2006 This session provides a primer on binary and dives into the inherent risks in working with numbers, such as signed/unsigned mismatches, truncation, and ANSI/UNICODE mismatches.
		Security Teaching Objects - Race Conditions - 2 of 2 (Slides) - 12/06/2006 This session covers the fundamentals of race conditions, as well as the potential threats they pose in the hands of a malicious user.
		Security Teaching Objects - Resource Management - 2 of 2 (Slides) - 12/06/2006 This session covers the importance of proper resource management. It includes coverage of several scenarios in which seemingly well-behaved code puts users at risk by failing to pay close attention to return values and other error indicators.
		Security Teaching Objects - Security Compliance Issues - 2 of 2 (Slides) - 12/06/2006 This session covers the important issues in security compliance as required by US laws and regulations. It also provides a general overview of the security compliance process.
		Security Teaching Objects - SQL Injection - 2 of 2 (Slides) - 12/06/2006 This session covers defending against the practice of providing malicious input to database-driven applications that can have unexpected and often dangerous effects.
		Security Teaching Objects - Threat Modeling - 2 of 2 (Slides) - 12/06/2006 This session covers threat modeling, which is the process of categorizing, prioritizing, and mitigating security threats in a system. It will cover both STRIDE categorization and DREAD prioritization. It is intended to be the first session delivered in the series.
		Security Teaching Objects - Trusting User Input - 2 of 2 (Slides) - 12/06/2006 This session covers the various ways users can provide bad input to an application, as well as ways to sanitize it for protection. It includes heavy coverage of regular expressions.

Presentation Materials: Slides

		.NET Security - 01/10/2004 In this course, students learn how to be prepared for security threats early in the life cycle of their projects.
		.NET Security Module - Microsoft .NET Developer Tools Readiness Kit - 01/15/2004 This module provides an introduction to Microsoft® .NET security.
		Building Secure Software Applications - 01/26/2004 This course focuses on security in IT systems and the countermeasures that can be taken during development to prevent and detect security issues to assure good software engineering practices, and features a guide to Microsoft® .NET Code Access Security.
		Code Access Security - Part One Module - .NET Security - 01/20/2004 This module focuses on evidence, permissions, and policy.
		Code Access Security - Part Two Module - .NET Security - 01/20/2004 This module discusses the CAS stackwalk, including issues in building secure gateways to secured resources, such as assertion of permissions.
		Code Access Security Module - .NET: Building Applications and Components with C# - 01/18/2004 This module explains the code access security model, including evidence, policy, permissions, and stack walking.
		COM+ Module - .NET Security - 01/20/2004 This module focuses on the COM+ security model and how to use DCOM security to build secure distributed applications.
		Conventional Cryptography and Authentication Module - .NET Security - 01/20/2004 This module introduces symmetric (secret) key cryptography and the Microsoft® .NET Framework classes that expose it.
		DNA to .NET Porting Module - Microsoft .NET Developer Tools Readiness Kit - 01/15/2004 This module provides an introduction to DNA to .NET porting.
		Dumb Code Module - .NET Security - 01/20/2004 This module explains how to write robust code by showing examples of bad code with security holes.
		Escrevendo Código Seguro - 10/26/2007 Introdução à Segurança de Código; Microsoft Secure Development Lifecycle; como funcionam os Buffer Overruns; boas práticas e ferramentas de desenvolvimento com foco em segurança.
		Évolution de la sécurité chez Microsoft - 05/24/2005 - Stratégie de Microsoft en matière de sécurité - La sécurité dans les produits Microsoft - Le retour d’expérience de Microsoft sur la sécurité, en tant qu’entreprise devant protéger son IT
		Intellectual Property - 03/19/2007 Presentation on Intellectual Property - The Facts, Fiction. Presented by Ronald Zink at the Microsoft MEA Academic Days 2007 in Tunisia.
		Microsoft Academic Days on Business Applications, Relational Databases, and Security - Microsoft SQL Scripts for the Dynamics GP Accountant - 2 of 2 (Slides) - 11/30/2007 In this presentation the presenter will share Microsoft SQL scripts for Microsoft Dynamics GP that are easy to run and understand.
		Mise en oeuvre d'une politique de gestion des correctifs de sécurité_Deuxième partie sur 2 - 03/18/2005 Description générale de la sécurité dans le cadre des coorectifs et l'implémentation Microsoft (1/2)
		Mise en oeuvre d'une politique de gestion des correctifs de sécurité_Première partie sur 2 - 03/18/2005 Description générale de la sécurité dans le cadre des coorectifs et l'implémentation Microsoft (1/2)
		Nouveautés en matière de sécurité du poste de travail et des serveurs v1.1_Deuxième partie sur 2 - 03/18/2005 L'informatique de confiance (Trustworthy computing)et les apports de la sécurité pour les systèmes Microsoft (2/2)
		Nouveautés en matière de sécurité du poste de travail et des serveurs v1.1_Première partie sur 2 - 03/18/2005 L'informatique de confiance (Trustworthy computing)et les apports de la sécurité pour les systèmes Microsoft
		Overview Module - .NET Security - 01/20/2004 In this course, you’ll learn how to prepare for security threats early in the life cycle of projects. It discusses encryption, network authentication, and then authorization strategies.
		Public Key Cryptography and Authentication Module - .NET Security - 01/20/2004 This module introduces asymmetric (public) key cryptography and certificates.
		Remoting Module - .NET Security - 01/20/2004 This module provides an introduction to building systems based on Microsoft® .NET Remoting.
		Secure Software Engineering - 02/13/2007 This archive contains materials of a uinversity course on secure software engineering at St. Petersburg University. Software lifecycle, programming paradigms, software process and their relation to secure software development are considered. Special attention is paid to aspect-oriented programming.
		Security Teaching Objects - Advanced Buffers - 2 of 2 (Slides) - 12/06/2006 This session continues coverage of buffer overruns by diving into details on heap overruns and string format bugs, which rely on buffer overruns. It also covers the use of Application Verifier to discover heap overrun bugs.
		Security Teaching Objects - Buffer Overruns - 2 of 2 (Video) - 12/06/2006 This session covers the fundamentals of buffer overruns, focusing on stack overruns. As well as the tools and techniques that may be employed to prevent them.
		Security Teaching Objects - Cross Site Scripting - 2 of 2 (Slides) - 12/06/2006 This session covers defending against the practice of using malicious scripts to trick a user's browser into performing unapproved actions.
		Security Teaching Objects - Cryptography - 2 of 2 (Slides) - 12/06/2006 This session covers the fundamentals of cryptography. Topics include encryption, hashing, and digital signatures.
		Security Teaching Objects - Integer Overflow - 2 of 2 (Slides) - 12/06/2006 This session provides a primer on binary and dives into the inherent risks in working with numbers, such as signed/unsigned mismatches, truncation, and ANSI/UNICODE mismatches.
		Security Teaching Objects - Race Conditions - 2 of 2 (Slides) - 12/06/2006 This session covers the fundamentals of race conditions, as well as the potential threats they pose in the hands of a malicious user.
		Security Teaching Objects - Resource Management - 2 of 2 (Slides) - 12/06/2006 This session covers the importance of proper resource management. It includes coverage of several scenarios in which seemingly well-behaved code puts users at risk by failing to pay close attention to return values and other error indicators.
		Security Teaching Objects - Security Compliance Issues - 2 of 2 (Slides) - 12/06/2006 This session covers the important issues in security compliance as required by US laws and regulations. It also provides a general overview of the security compliance process.
		Security Teaching Objects - SQL Injection - 2 of 2 (Slides) - 12/06/2006 This session covers defending against the practice of providing malicious input to database-driven applications that can have unexpected and often dangerous effects.
		Security Teaching Objects - Threat Modeling - 2 of 2 (Slides) - 12/06/2006 This session covers threat modeling, which is the process of categorizing, prioritizing, and mitigating security threats in a system. It will cover both STRIDE categorization and DREAD prioritization. It is intended to be the first session delivered in the series.
		Security Teaching Objects - Trusting User Input - 2 of 2 (Slides) - 12/06/2006 This session covers the various ways users can provide bad input to an application, as well as ways to sanitize it for protection. It includes heavy coverage of regular expressions.
		Threats and Mitigation Module - .NET Security - 01/20/2004 This module identifies and categorizes the general threats posed to applications built on the Microsoft® .NET Framework, and discusses how to prioritize and mitigate them.
		Trustworthy Compiler Development - 12/02/2008 This course is the enhanced version of my "Compiler Development" course uploaded to the MSDNAA Web site in 2004 (object id = 5938). The material is enhanced by the concept of trustworthy compiler and principles and practice of trustworthy compiler development. Also, new material is added on representing data types at runtime, efficient semantic analysis using applied occurrences lists, and on Microsoft Phoenix.
		Web Application Security Module - .NET Security - 01/20/2004 This module discusses the HTTP pipeline that Microsoft ASP.NET uses and the security services provided at each point in the pipeline.
		Web Service Security Module - .NET Security - 01/20/2004 This module discusses the current practical thoughts on authentication models for Web services.
		Web Service Security:Theory and Practice (slides only) - 04/26/2004 This presentation (slides only) from Microsoft Research’s Fourth Crash Course for Faculty and PhD students discusses Microsoft WSE, WSDL, SOAP, cryptyc, and app-level and message level syntax.
		Web Service Security:Theory and Practice (w/ narration) - 2 of 2 (Slides) - 04/26/2004 This presentation (slides w/ audio) from Microsoft Research’s Fourth Crash Course for Faculty and PhD students discusses Microsoft WSE, WSDL, SOAP, cryptyc, and app-level and message level syntax.
		Windows Security 101 Module - .NET Security - 01/20/2004 This module tours the features in the operating system that are important for developers to know. This first of two modules discusses the Trusted Computing Base, principals, authorities, groups, privileges, tokens, logon sessions, window stations, and the secondary logon service.
		Windows Security 102 Module - .NET Security - 01/20/2004 This module on operating system security focuses on client identity management in distributed systems.
		Writing Secure and Hack Resistant Code Part 1 (w/ narration): MSR Crash Course 4 - 6 of 6 (Slides) - 04/26/2004 This presentation (slides w/ narration) from Microsoft Research’s Fourth Crash Course for Faculty and PhD students discusses best practices for writing secure code and Microsoft threat modeling designs.
		Writing Secure and Hack Resistant Code Part 2 (w/ narration): MSR Crash Course 4 - 1 of 4 (Slides) - 04/26/2004 This presentation (slides w/ narration) from Microsoft Research’s Fourth Crash Course for Faculty and PhD students discusses best practices for writing secure code and Microsoft threat modeling designs.

Reference Materials: Case Study

		Building Secure Software Applications - 01/26/2004 This course focuses on security in IT systems and the countermeasures that can be taken during development to prevent and detect security issues to assure good software engineering practices, and features a guide to Microsoft® .NET Code Access Security.
		Lernen durch Begeisterung - 02/25/2008 Diese Studie untersucht, ob und wie durch den Einsatz geeigneter Methoden in der Lehre die Stoffpräsenz bei Studierenden verbessert werden kann.

Reference Materials: Readings

		Building Secure Software Applications - 01/26/2004 This course focuses on security in IT systems and the countermeasures that can be taken during development to prevent and detect security issues to assure good software engineering practices, and features a guide to Microsoft® .NET Code Access Security.
		Lernen durch Begeisterung - 02/25/2008 Diese Studie untersucht, ob und wie durch den Einsatz geeigneter Methoden in der Lehre die Stoffpräsenz bei Studierenden verbessert werden kann.
		Operating System Security in a Windows Server Environment - 02/08/2005 In this tutorial you will learn which threats a server machine is exposed to when connected to the internet and how to face them. You learn how to minimize the risk caused by network services running on your server.

Reference Materials: Source Code

		.NET Security - 01/10/2004 In this course, students learn how to be prepared for security threats early in the life cycle of their projects.
		Operating System Security in a Windows Server Environment - 02/08/2005 In this tutorial you will learn which threats a server machine is exposed to when connected to the internet and how to face them. You learn how to minimize the risk caused by network services running on your server.

Reference Materials: Tutorial