Abstract: Concepts and technologies are described herein for sharing encrypted data with enhanced security. In some configurations, an encryption key is generated from a password by the use of a password-based key generation technology. In addition, input data is encrypted using the encryption key. The encrypted data and the generated key may be then shared with a remote computer, such as a server. The encrypted data can then be decrypted at the remote computer by the use of the key. By the use of the technologies described herein, the contents of an encrypted file may be accessed at a remote computer without requiring a user to share the actual password.

Abstract: Architecture that provides a secure environment in which data (e.g., code, instructions, files, images, etc.) can be opened and run by a client application. Once opened the data can be viewed (in a “protected view”) by the user without incurring risk to other client processing and systems. Accordingly, the architecture mitigates malicious attacks by enabling users to preview untrusted and potentially harmful data (e.g., files) in a low risk manner. Files opened in the protected view are isolated from accessing key resources on the client computer and provides the user a safer way to read files that can contain dangerous content. The protected view also provides a seamless user experience. The user is unaware that the client is operating on data in a different mode and allows for the reduction of security prompts.

Abstract: Aspects of the technology described herein can provide enhanced metadata to authentically report the provenance of a file. An exemplary computing device may have a file broker to receive an indication from a first security principal to write a file to a file system. The file broker can use one file utility to write the file, but use another file utility to write an identification of the first security principal and its opinion about the file into metadata associated with the file. Subsequently, the identification of the first security principal and its opinion may be used to authentically report the provenance of the file and applied in other security applications.

Abstract: Architecture that provides a secure environment in which data (e.g., code, instructions, files, images, etc.) can be opened and run by a client application. Once opened the data can be viewed (in a “protected view”) by the user without incurring risk to other client processing and systems. Accordingly, the architecture mitigates malicious attacks by enabling users to preview untrusted and potentially harmful data (e.g., files) in a low risk manner. Files opened in the protected view are isolated from accessing key resources on the client computer and provides the user a safer way to read files that can contain dangerous content. The protected view also provides a seamless user experience. The user is unaware that the client is operating on data in a different mode and allows for the reduction of security prompts.

Abstract: Architecture that provides a secure environment in which data (e.g., code, instructions, files, images, etc.) can be opened and run by a client application. Once opened the data can be viewed (in a “protected view”) by the user without incurring risk to other client processing and systems. Accordingly, the architecture mitigates malicious attacks by enabling users to preview untrusted and potentially harmful data (e.g., files) in a low risk manner. Files opened in the protected view are isolated from accessing key resources on the client computer and provides the user a safer way to read files that can contain dangerous content. The protected view also provides a seamless user experience. The user is unaware that the client is operating on data in a different mode and allows for the reduction of security prompts.

Abstract: Aspects of the technology described herein can provide enhanced metadata to authentically report the provenance of a file. An exemplary computing device may have a file broker to receive an indication from a first security principal to write a file to a file system. The file broker can use one file utility to write the file, but use another file utility to write an identification of the first security principal and its opinion about the file into metadata associated with the file. Subsequently, the identification of the first security principal and its opinion may be used to authentically report the provenance of the file and applied in other security applications.

Abstract: Architecture that provides a secure environment in which data (e.g., code, instructions, files, images, etc.) can be opened and run by a client application. Once opened the data can be viewed (in a “protected view”) by the user without incurring risk to other client processing and systems. Accordingly, the architecture mitigates malicious attacks by enabling users to preview untrusted and potentially harmful data (e.g., files) in a low risk manner. Files opened in the protected view are isolated from accessing key resources on the client computer and provides the user a safer way to read files that can contain dangerous content. The protected view also provides a seamless user experience. The user is unaware that the client is operating on data in a different mode and allows for the reduction of security prompts.

Abstract: Architecture that provides a secure environment in which data (e.g., code, instructions, files, images, etc.) can be opened and run by a client application. Once opened the data can be viewed (in a “protected view”) by the user without incurring risk to other client processing and systems. Accordingly, the architecture mitigates malicious attacks by enabling users to preview untrusted and potentially harmful data (e.g., files) in a low risk manner. Files opened in the protected view are isolated from accessing key resources on the client computer and provides the user a safer way to read files that can contain dangerous content. The protected view also provides a seamless user experience. The user is unaware that the client is operating on data in a different mode and allows for the reduction of security prompts.

Abstract: Concepts and technologies are described herein for sharing encrypted data with enhanced security. In some configurations, an encryption key is generated from a password by the use of a password-based key generation technology. In addition, input data is encrypted using the encryption key. The encrypted data and the generated key may be then shared with a remote computer, such as a server. The encrypted data can then be decrypted at the remote computer by the use of the key. By the use of the technologies described herein, the contents of an encrypted file may be accessed at a remote computer without requiring a user to share the actual password.

Abstract: A candidate identifier for a process is generated and an attempt is made to have a named object created that has a name that is the candidate identifier. In response to the attempt succeeding and the named object being created, the candidate identifier is used as an identifier for the process. In response to the attempt not succeeding and the named object not being created, the generating and attempting are repeated.

Abstract: Architecture that provides a secure environment in which data (e.g., code, instructions, files, images, etc.) can be opened and run by a client application. Once opened the data can be viewed (in a “protected view”) by the user without incurring risk to other client processing and systems. Accordingly, the architecture mitigates malicious attacks by enabling users to preview untrusted and potentially harmful data (e.g., files) in a low risk manner. Files opened in the protected view are isolated from accessing key resources on the client computer and provides the user a safer way to read files that can contain dangerous content. The protected view also provides a seamless user experience. The user is unaware that the client is operating on data in a different mode and allows for the reduction of security prompts.

Abstract: Architecture that provides a secure environment in which data (e.g., code, instructions, files, images, etc.) can be opened and run by a client application. Once opened the data can be viewed (in a “protected view”) by the user without incurring risk to other client processing and systems. Accordingly, the architecture mitigates malicious attacks by enabling users to preview untrusted and potentially harmful data (e.g., files) in a low risk manner. Files opened in the protected view are isolated from accessing key resources on the client computer and provides the user a safer way to read files that can contain dangerous content. The protected view also provides a seamless user experience. The user is unaware that the client is operating on data in a different mode and allows for the reduction of security prompts.

Abstract: Systems and methods for creating a secure process on a web server can include creating an application manager process, and creating an application host process, the application host process being created under control of the application manager process. Example methods can also include restricting attributes of the application host process, and assigning a unique logon identifier to the application host process so that the application host process can only communicate with the application manager process.

Abstract: A candidate identifier for a process is generated and an attempt is made to have a named object created that has a name that is the candidate identifier. In response to the attempt succeeding and the named object being created, the candidate identifier is used as an identifier for the process. In response to the attempt not succeeding and the named object not being created, the generating and attempting are repeated.

Abstract: Architecture that provides a secure environment in which data (e.g., code, instructions, files, images, etc.) can be opened and run by a client application. Once opened the data can be viewed (in a “protected view”) by the user without incurring risk to other client processing and systems. Accordingly, the architecture mitigates malicious attacks by enabling users to preview untrusted and potentially harmful data (e.g., files) in a low risk manner. Files opened in the protected view are isolated from accessing key resources on the client computer and provides the user a safer way to read files that can contain dangerous content. The protected view also provides a seamless user experience. The user is unaware that the client is operating on data in a different mode and allows for the reduction of security prompts.

Abstract: Techniques are provided for performing memory diagnostics. A portion of physical memory is locked using functionality included in an operating system. At least one memory diagnostic test is executed on the portion producing a result. It is determined, in accordance with the result, whether a memory problem exists for the portion of physical memory.

Abstract: Systems and methods for creating a secure process on a web server can include creating an application manager process, and creating an application host process, the application host process being created under control of the application manager process. Example methods can also include restricting attributes of the application host process, and assigning a unique logon identifier to the application host process so that the application host process can only communicate with the application manager process.