I’m just back from SQL PASS, and my next conference trip will be to Lost Wages, Nevada for DevConnections. It is again at the Mandalay Bay Resort on the Strip. I fully expect to spend exactly zero dollars and time on gambling, particularly when the conference chairs have again done an incredible job of assembling content. I’m particularly excited about the addition of C++ Connections, and getting to hear Bjarne Stroustrup’s keynote. All of the conferences have some incredible speakers.
Once again the Visual Studio and SQL Server conference chairs screwed up and picked some of my sessions. Will they never learn???
I’ll be presenting these:
Making the Most of VS 2005's Security Tools
Visual Studio 2005 has a large set of new and old tools that can help make applications more secure and robust. This session will explore how to build secure applications using various tools and techniques for both managed code and native code. Developers can use technologies such as PreFast, FxCop, Integrated Bug Tracking, /GS switch, SafeCRT libraries, AppVerifier, and various Code Access Security tools to analyze source code and diagnose deeply hidden security vulnerabilities. These security enhancements will help make writing secure applications easier than ever before. Your everyday development environment will have the tools you need to build secure applications and, more importantly, verify that they are secure.
Building Applications, Next Generation: MSBuild
How do you build your applications? Hit Rebuild Solution in VS.NET and run with it? Create your own command-line batch files? Use NAnt? Do you use something else fragile, inflexible, and un-integrated with your development environment? Microsoft feels your pain! Coming soon to an OS near you is MSBuild, a tool closely integrated with VS.NET solution files that let you build multiple, flexible build descriptions that are automatically synced up with solution files. Best of all, it exposes every step of the build process that once was hidden deep within VS.NET — you can edit any part of it. By modifying the build process, you can incorporate unit testing, complete database rebuilds and import sample data, develop multiple build scenarios, run utilities like FxCop on the project, and almost anything you want to do every time you build your project. You also have the power to royally screw up your builds beyond recognition! By the end of this session, you'll know whether MSBuild is right for your project and how to put it to best use.
Data Encryption in SQL Server 2000
Sure, SQL Server 2005 has the hot new features, including support for native data encryption on the server. But what if you need in-depth defense in SQL Server 2000? You can implement encryption for data stored in SQL Server 2000 using any of several techniques. The trick is to manage your encryption keys securely and avoid creating a performance nightmare on the server. Learn a few of the more useful encryption techniques to provide this important last line of defense to your critical data stored in SQL Server 2000.
Security in the CLR World Inside SQL Server
One of the major benefits of writing .NET code to run in the Common Language Runtime (CLR) in any environment is code access security (CAS). CAS provides a code-based —rather than user-based — authorization scheme to prevent various kinds of luring and other code attacks. But how does that security scheme coexist with SQL Server 2005's own, greatly enhanced security features? By default your .NET code is reasonably secure, but it’s all too easy for the two security schemes to butt heads and cause you grief. During this session, we'll briefly look at the concept behind CAS, then explore how to make it work for you instead of against you as you take advantage of these advanced programming features in SQL Server.
Using the XML Data Type
With XML as a native data type in SQL Server 2005, you now have two query engines and syntaxes: SQL and the new XQuery. Creating queries that mix the two engines can be daunting — and hazardous to your performance. In this session, explore the XML data type and XML-specific T-SQL functions you can use with it, how to mix and match the syntaxes effectively, and how to build common queries that extract and modify data at a minimum of two levels: relational data and embedded XML.
Paul Litwin, chair of ASP.NET Connections, has started a blog to talk about planning a conference like DevConnections. Interesting stuff…I don’t envy him his job!