Accessibility benefits everyone

| 0 comments

A very common misconception when talking about accessibility is accessibility is meant only designing for users with disabilities. Nothing could be further from the truth, in fact accessibility is relevant to everyone. More often than not when accessibility is addressed early the outcome it usability increases for everyone. More often than not designers to not fully account for the disabled community and for persons using an assistive technology or facing situational constraints, accessible design becomes much more essential. For example, let me outline limitations, constraints, and accommodations. Accessibility limitations, constraints, and accommodations Limitation Constraint Accommodation Blindness; low vision Poor lighting; …

Continue reading

Technology meets accessibility

| 0 comments

Over the last decade Americans have truly become a wired society. If you disagree with this statement, stop and observe the sheer number of mobile devices and the households that have internet access. Due to the fact that more and more individuals are coming online the reality of addressing the accessibility raises to the forefront. The United States Census Bureau conducted a survey titled American Community Survey back in 2006 and estimated 193,568,216 Americans have a disability of which 13,667,248 are directly related to employment disabilities. Physical disabilities are typically what comes to mind when thinking of accessibility, but it …

Continue reading

Static Code Analysis Toolsets

| 0 comments

In keeping with my last couple of post on Security Development Lifecycle I thought I would put together a list of free and commercial products. While there are many other products out there this should be enough to get you thinking about how you can analyze your code before shipping. .NET FxCop is an application that analyzes managed code assemblies (code that targets the .NET Framework common language runtime) and reports information about the assemblies, such as possible design, localization, performance, and security improvements. Many of the issues concern violations of the programming and design rules set forth in the …

Continue reading

Security Development Lifecycle: Introduction

| 0 comments

I am not entirely sure how many parts of this subject there will be however, I felt I had to start somewhere. Basically I would like to use this series as an opportunity to interact with you on the level of sharing Security Development Lifecycle (SDL) methodologies. In other words, is SDL important, what tools do you employ, how do you approach education, and most importantly with the ever changing security threats how does one stay current? How would you answer these questions? To answer my first question, SDL is absolutely important and as I see this subject it is …

Continue reading

Security Development Lifecycle Design

| 0 comments

Later this month, I will be attending a one day event held by Microsoft in New York, New York on the subject of Security Development Lifecycle. The speaker is Doug Cavit, Principle Security Strategist at Microsoft Corp. Discussions will based upon include discussions based on Customer Focused Design principles and The Ishikawa Method. Both methodologies should facilitate a highly interactive discussion while driving to actionable results. In other words it should be exciting. In the spirit of Security Development Lifecycle, I have put together a handful of resources that I hope you find informational: Code Access Security What’s New in …

Continue reading

AES Encryption Example In C#

| 0 comments

In cryptography, the Advanced Encryption Standard (AES) is a symmetric-key encryption standard. This standard comprises three block ciphers, AES-128, AES-192 and AES-256, adopted from a larger collection originally published as Rijndael. Each of these ciphers has a 128-bit block size, with key sizes of 128, 192 and 256 bits. What Is Encryption? Encryption is the process of changing data into a form that can be read only by the intended receiver. To decipher the message, the receiver of the encrypted data must have the proper decryption key (password). In traditional encryption schemes, the sender and the receiver use the same …

Continue reading