76 minutes read

Going Nuclear: Modeling Threats to Distributed Systems

It probably won’t come as a shock to you that as I was writing up my last post on IoT and my new Geiger counter I was mentally reviewing all the things that scared the crap out of me had me concerned security-wise. I don’t mean the apocalyptic visions of Fallout, but about the fact that I…

11 minutes read

IoT is Weird: Or Why I now have a Network Connected Geiger Counter

Update I have a page of data here: http://syfuhs.net/my-rad-monitor/. It’s a bit weird to imagine everything with an IP address. I’m not entirely sure how I feel about this idea. My feelings about this aside though, this is becoming more and more prevalent with the advent of cheap and powerful processors available to anyone with an idea. It used…

1 minute read

Ptr: Azure Pack UserVoice Feedback

Ptr: http://feedback.azure.com/forums/255259-azure-pack Looks like Microsoft just launched a public UserVoice site for Azure Pack! You can submit or vote for your most wanted features for upcoming releases. Cool! Like all feedback sites not all features or requests can be met, but it’s still a great way for customers to tell Microsoft where they should focus…

1 minute read

Ptr: Authentication Scenarios in Azure AD

Came across a great article on MSDN recently that outlines the various authentication scenarios in Azure AD. Azure Active Directory (Azure AD) simplifies authentication for developers by providing identity as a service, with support for industry-standard protocols such as OAuth 2.0 and OpenID Connect, as well as open source libraries for different platforms to help…

14 minutes read

Windows Azure Pack Tenant Public API Authentication Options

Web services, as we’ve learned throughout this series, are integral to the workings of Windows Azure Pack. Every UI exposed to the user connects to the backend via web service, every resource provider is managed by Windows Azure Pack through their own web services, and 3rd party functionality can be tied in through web services….

2 minutes read

Windows Azure Pack at TechEd 2014

It looks like Windows Azure Pack is starting to become my new favorite thing — so much so that I was excited to see that there were a number of presentations on it at TechEd this year. What makes this even better is that the presentations were recorded and you can stream them from Channel…

13 minutes read

Web Service Authentication in Windows Azure Pack

It’s been a couple months since we last looked at Windows Azure Pack so before we jump into the thick of it lets recap. Windows Azure Pack is an awesome on-premise private cloud platform The interactive portions are broken down into two sections: admin areas and tenant areas It relies on JWTs as bearer tokens…

2 minutes read

Covert Redirect in OAuth 2.0 and OpenID — or yeah, and?

Earlier today a news story broke claiming the sky is falling because OAuth 2.0 and OpenID are vulnerable to “Covert Redirect” attacks — or as the rest of the world calls them — open redirects. This class of vulnerability has been around for quite a while and frankly is already mentioned in the threat model for…

2 minutes read

Windows Azure Pack Authentication Part 3.5 – Using ADFS

Since we looked at using a custom IdP for Windows Azure Pack last time I figured it would be good to explicitly list some resources for those looking to use ADFS instead as that’s a fairly common scenario people are exploring. Building Clouds Federated Identities to Windows Azure Pack through AD FS – Part 1…

3 minutes read

Creating Authority-Signed and Self-Signed Certificates in .NET

Whenever I get some free time I like to tackle certain projects that have piqued my interest. Often times I don’t get to complete these projects, or they take months to complete. In this case I’ve spent the last few months trying to get these samples to work. Hopefully you’ll find them useful. In the…