- secureingmessages.zip
- secureingmessages
- SecureingMessages
- codeproject_template.html
- Images
- sm_image001.gif
- sm_image002.gif
- sm_image004.gif
- sm_image006.jpg
- sm_image008.jpg
- sm_image010.jpg
- sm_image012.jpg
- sm_image014.jpg
- sm_image016.jpg
- sm_image018.jpg
- SecuringMessages.zip
|
<!--------------------------------------------------------------------------->
<!-- INTRODUCTION
The Code Project article submission template (HTML version)
Using this template will help us post your article sooner. To use, just
follow the 3 easy steps below:
1. Fill in the article description details
2. Add links to your images and downloads
3. Include the main article text
That's all there is to it! All formatting will be done by our submission
scripts and style sheets.
-->
<!--------------------------------------------------------------------------->
<!-- IGNORE THIS SECTION -->
<html>
<head>
<title>The Code Project</title>
<Style>
BODY, P, TD { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10pt }
H2,H3,H4,H5 { color: #ff9900; font-weight: bold; }
H2 { font-size: 13pt; }
H3 { font-size: 12pt; }
H4 { font-size: 10pt; color: black; }
PRE { BACKGROUND-COLOR: #FBEDBB; FONT-FAMILY: "Courier New", Courier, mono; WHITE-SPACE: pre; }
CODE { COLOR: #990000; FONT-FAMILY: "Courier New", Courier, mono; }
.style3 {
border-collapse: collapse;
font-size: 10.0pt;
font-family: "Times New Roman";
border-style: none;
border-color: inherit;
border-width: medium;
background: #CCCCCC;
}
ol
{margin-bottom:0cm;}
</style>
<link rel="stylesheet" type=text/css href="http://www.codeproject.com/styles/global.css">
</head>
<body bgcolor="#FFFFFF" color=#000000>
<!--------------------------------------------------------------------------->
<!------------------------------- STEP 1 --------------------------->
<!-- Fill in the details (CodeProject will reformat this section for you) -->
<pre>
Title: Secure Messaging Solution
Author: Moustafa Refaat
Email: Moustafar@hotmail.com
Member ID: Moustafar
Language: C# 1.1,2.0
Platform: Windows, .Net 1.1 , .Net 2.0, .NET 3.0
Technology: BizTalk
Level: Intermediate, Advanced
Description: We are sending end receiving sensitive information over the
internet. We want to secure all the messages we are exchanging with
our partners.
Section General
SubSection Securing Messages
</pre>
<!------------------------------- STEP 2 --------------------------->
<!-- Include download and sample image information. -->
<ul class=download>
<li><a href="http://www.MoustafaRefaat.com/Downloads/SecureMessaging.zip">Download source - 26 Kb</a></li>
</ul>
<p><img src="Images/sm_image004.gif" alt="Sample Image - maximum width is 600 pixels" width=400 height=200></p>
<!------------------------------- STEP 3 --------------------------->
<!-- Add the article text. Please use simple formatting (<h2>, <p> etc) -->
<h2>Introduction</h2>
<p>We are sending end receiving sensitive information over the
internet. We want to secure all the messages we are exchanging with
our partners.
<h2>Background </h2>
<p>Microsoft® BizTalk® Server relies heavily on the security
provided by certificates. By using certificates for encryption and
digital signatures, BizTalk Server can send and receive data that
can be trusted. By using certificates for encryption and digital
signatures, BizTalk Server can:</p>
<ul>
<li>Send and receive data that can be trusted.</li>
<li>Make sure that the data it processes is secure.</li>
<li>Make sure that authorized parties receive its messages.</li>
<li>Make sure that it receives messages from authorized parties.</li>
</ul>
<h2>Creating the Certificates </h2>
<p>We will need to create a certificate to use for encrypting and
decrypting our secure messaging example. <br />
MakeCert Test Certificate<br />
A MakeCert test certificate is an Authenticode digital certificate
that is created by the MakeCert tool. A MakeCert test certificate is
a self-signed, root certificate. To create a MakeCert test
certificate, use the MakeCert tool as follows: </p>
<p><br />
MakeCert -r -pe -ss TestCertStoreName -n "CN=CertName"
CertFileName.cer <br />
<br />
Where:</p>
<ul>
<li>The -r option specifies that the certificate is self-signed,
that is, the certificate is a root certificate.</li>
<li>The -pe option specifies that the private key that is
associated with the certificate can be exported. </li>
<li>The -ss TestCertStoreName option specifies the name of the
certificate store that contains the test certificate. </li>
<li> The -n "CN=CertName" option specifies a name for the
certificate that can be used with the SignTool command-line tool
to identify the certificate. It is recommended that you use a
certificate name that clearly identifies the certificate as a
test certificate, for example, "WDK Driver Testing Cert - for
in-house use only." If the certificate name is not supplied, the
default name of the certificate is "Joe's Software Emporium.</li>
<li>"CertFilename.cer is the file name that contains a copy of
the test certificate. The certificate file is used to add the
certificate to the Trusted Root Certification Authorities
certificate store and the Trusted Publishers certificate stores.
<br />
Storing the Certificates</li>
<li>Depending on the purpose of a certificate (signing messages,
verifying signatures, decrypting messages, encrypting messages,
or party resolution), it must be installed in a specific
certificate store. BizTalk Server uses two Windows® certificate
stores - the Other People certificate store (in the Local
Computer folder) for public keys, and the Personal certificate
store (in the Current User folder) for the service account of
each host instance for private keys.</li>
</ul>
<p><strong>Other People certificate store.</strong> Public key
certificates, as their name implies, are public and accessible by
anyone with access to the computer on which they are stored. BizTalk
Server retrieves from this store the public key certificates to
encrypt messages and to verify the digital signatures for incoming
messages. All users can read and use the certificates in this store.
The following figure shows the Other People certificate store that
BizTalk Server uses for public key certificates.<br />
<img src="Images/sm_image001.gif" width="376" height="308" /><br />
<strong>Figure 1: Other People certificate store</strong><br />
</p>
<p><strong>Personal certificate store:</strong> BizTalk Server uses
private key certificates to decrypt incoming messages and sign
outbound messages. Every Windows account enabled to log on
interactively on a computer has a personal certificate store that
only that account can access. BizTalk Server uses the personal
certificate store for the service account of each host instance to
access the private key certificates to which each service account
has access. The private key certificates must be stored in the
Personal certificate store for the service account for each host
instance on each computer that has a running host instance that
requires the certificate for decryption or for signing outbound
messages.<br />
Note: The personal certificate store is also named the MY
certificate store when it is used for programmatic operations, such
as scripting the importing and exporting of certificates. The
following figure shows the Personal certificate store that BizTalk
Server uses for private key certificates.<br />
<img src="Images/sm_image002.gif" width="379" height="308" /><br />
<strong>Figure 2: Personal certificate Store</strong><br />
<br />
For more information about the certificate stores and the
Certificate snap-in for the Microsoft Management Console (MMC),
search for "Certificate console" in Windows XP, Windows Server™
2003, or Windows 2000 Server Help. <br />
Certificates That You Need in Each Store<br />
The following table describes the certificates that you must install
in each Windows certificate store.<br />
</p>
<h2><span style="font-size:8.0pt;mso-ansi-language:EN-US">Table 1
Certificates for each Windows certificate store<o:p></o:p></span></h2>
<table border="1" cellspacing="0" cellpadding="0" width="0" style="width: 0cm; mso-border-alt: solid #DDDDDD .5pt" class="style3">
<tr style="mso-yfti-irow:0;mso-yfti-firstrow:yes">
<td valign="bottom" style="border:solid #DDDDDD 1.0pt;mso-border-alt:solid #DDDDDD .5pt;
padding:3.0pt 3.0pt 3.0pt 3.0pt">
<p class="MsoNormal"><b>
<span lang="EN-CA" style="font-size:8.5pt;font-family:
Verdana">Certificate purpose <o:p></o:p></span></b></p>
</td>
<td valign="bottom" style="border:solid #DDDDDD 1.0pt;border-left:none;
mso-border-left-alt:solid #DDDDDD .5pt;mso-border-alt:solid #DDDDDD .5pt;
padding:3.0pt 3.0pt 3.0pt 3.0pt">
<p class="MsoNormal"><b>
<span lang="EN-CA" style="font-size:8.5pt;font-family:
Verdana">Certificate type <o:p></o:p></span></b></p>
</td>
<td valign="bottom" style="border:solid #DDDDDD 1.0pt;border-left:none;
mso-border-left-alt:solid #DDDDDD .5pt;mso-border-alt:solid #DDDDDD .5pt;
padding:3.0pt 3.0pt 3.0pt 3.0pt">
<p class="MsoNormal"><b>
<span lang="EN-CA" style="font-size:8.5pt;font-family:
Verdana">Certificate store <o:p></o:p></span></b></p>
</td>
</tr>
<tr style="mso-yfti-irow:1">
<td valign="top" style="border: solid #DDDDDD 1.0pt; border-top: none; mso-border-top-alt: solid #DDDDDD .5pt; mso-border-alt: solid #DDDDDD .5pt; background: white; padding: 3.0pt 3.0pt 3.0pt 3.0pt">
<p class="MsoNormal">
<span lang="EN-CA" style="font-size:8.5pt;font-family:Verdana">
Signing<o:p></o:p></span></p>
</td>
<td valign="top" style="border-top: none; border-left: none; border-bottom: solid #DDDDDD 1.0pt; border-right: solid #DDDDDD 1.0pt; mso-border-top-alt: solid #DDDDDD .5pt; mso-border-left-alt: solid #DDDDDD .5pt; mso-border-alt: solid #DDDDDD .5pt; background: white; padding: 3.0pt 3.0pt 3.0pt 3.0pt">
<p class="MsoNormal">
<span lang="EN-CA" style="font-size:8.5pt;font-family:Verdana">
Own private key<o:p></o:p></span></p>
</td>
<td valign="top" style="border-top: none; border-left: none; border-bottom: solid #DDDDDD 1.0pt; border-right: solid #DDDDDD 1.0pt; mso-border-top-alt: solid #DDDDDD .5pt; mso-border-left-alt: solid #DDDDDD .5pt; mso-border-alt: solid #DDDDDD .5pt; background: white; padding: 3.0pt 3.0pt 3.0pt 3.0pt">
<p class="MsoNormal"><b style="mso-bidi-font-weight:normal">
<span lang="EN-CA" style="font-size:8.5pt;font-family:Verdana">
Personal store</span></b><span lang="EN-CA" style="font-size:8.5pt;font-family:Verdana">
for each service account of a host instance that has a send
pipeline with a MIME/SMIME Encoder pipeline component
configured to sign messages (<b>Add Signing Cert To Message</b>
property set to <b>True</b>).<o:p></o:p></span></p>
</td>
</tr>
<tr style="mso-yfti-irow:2">
<td valign="top" style="border: solid #DDDDDD 1.0pt; border-top: none; mso-border-top-alt: solid #DDDDDD .5pt; mso-border-alt: solid #DDDDDD .5pt; background: white; padding: 3.0pt 3.0pt 3.0pt 3.0pt">
<p class="MsoNormal">
<span lang="EN-CA" style="font-size:8.5pt;font-family:Verdana">
Verifying signature<o:p></o:p></span></p>
</td>
<td valign="top" style="border-top: none; border-left: none; border-bottom: solid #DDDDDD 1.0pt; border-right: solid #DDDDDD 1.0pt; mso-border-top-alt: solid #DDDDDD .5pt; mso-border-left-alt: solid #DDDDDD .5pt; mso-border-alt: solid #DDDDDD .5pt; background: white; padding: 3.0pt 3.0pt 3.0pt 3.0pt">
<p class="MsoNormal">
<span lang="EN-CA" style="font-size:8.5pt;font-family:Verdana">
Partner's public key<o:p></o:p></span></p>
</td>
<td valign="top" style="border-top: none; border-left: none; border-bottom: solid #DDDDDD 1.0pt; border-right: solid #DDDDDD 1.0pt; mso-border-top-alt: solid #DDDDDD .5pt; mso-border-left-alt: solid #DDDDDD .5pt; mso-border-alt: solid #DDDDDD .5pt; background: white; padding: 3.0pt 3.0pt 3.0pt 3.0pt">
<p class="MsoNormal"><b style="mso-bidi-font-weight:normal">
<span lang="EN-CA" style="font-size:8.5pt;font-family:Verdana">
Other People store</span></b><span lang="EN-CA" style="font-size:8.5pt;font-family:Verdana">
on each computer that has a host instance that has a receive
pipeline with a MIME/SMIME Decoder pipeline component.<o:p></o:p></span></p>
</td>
</tr>
<tr style="mso-yfti-irow:3">
<td valign="top" style="border: solid #DDDDDD 1.0pt; border-top: none; mso-border-top-alt: solid #DDDDDD .5pt; mso-border-alt: solid #DDDDDD .5pt; background: white; padding: 3.0pt 3.0pt 3.0pt 3.0pt">
<p class="MsoNormal">
<span lang="EN-CA" style="font-size:8.5pt;font-family:Verdana">
Decrypting<o:p></o:p></span></p>
</td>
<td valign="top" style="border-top: none; border-left: none; border-bottom: solid #DDDDDD 1.0pt; border-right: solid #DDDDDD 1.0pt; mso-border-top-alt: solid #DDDDDD .5pt; mso-border-left-alt: solid #DDDDDD .5pt; mso-border-alt: solid #DDDDDD .5pt; background: white; padding: 3.0pt 3.0pt 3.0pt 3.0pt">
<p class="MsoNormal">
<span lang="EN-CA" style="font-size:8.5pt;font-family:Verdana">
Own private key<o:p></o:p></span></p>
</td>
<td valign="top" style="border-top: none; border-left: none; border-bottom: solid #DDDDDD 1.0pt; border-right: solid #DDDDDD 1.0pt; mso-border-top-alt: solid #DDDDDD .5pt; mso-border-left-alt: solid #DDDDDD .5pt; mso-border-alt: solid #DDDDDD .5pt; background: white; padding: 3.0pt 3.0pt 3.0pt 3.0pt">
<p class="MsoNormal"><b style="mso-bidi-font-weight:normal">
<span lang="EN-CA" style="font-size:8.5pt;font-family:Verdana">
Personal store</span></b><span lang="EN-CA" style="font-size:8.5pt;font-family:Verdana">
for each service account of a host instance that has a
receive pipeline with a MIME/SMIME Decoder pipeline
component.<o:p></o:p></span></p>
</td>
</tr>
<tr style="mso-yfti-irow:4">
<td valign="top" style="border: solid #DDDDDD 1.0pt; border-top: none; mso-border-top-alt: solid #DDDDDD .5pt; mso-border-alt: solid #DDDDDD .5pt; background: white; padding: 3.0pt 3.0pt 3.0pt 3.0pt">
<p class="MsoNormal">
<span lang="EN-CA" style="font-size:8.5pt;font-family:Verdana">
Encrypting<o:p></o:p></span></p>
</td>
<td valign="top" style="border-top: none; border-left: none; border-bottom: solid #DDDDDD 1.0pt; border-right: solid #DDDDDD 1.0pt; mso-border-top-alt: solid #DDDDDD .5pt; mso-border-left-alt: solid #DDDDDD .5pt; mso-border-alt: solid #DDDDDD .5pt; background: white; padding: 3.0pt 3.0pt 3.0pt 3.0pt">
<p class="MsoNormal">
<span lang="EN-CA" style="font-size:8.5pt;font-family:Verdana">
Partner's public key<o:p></o:p></span></p>
</td>
<td valign="top" style="border-top: none; border-left: none; border-bottom: solid #DDDDDD 1.0pt; border-right: solid #DDDDDD 1.0pt; mso-border-top-alt: solid #DDDDDD .5pt; mso-border-left-alt: solid #DDDDDD .5pt; mso-border-alt: solid #DDDDDD .5pt; background: white; padding: 3.0pt 3.0pt 3.0pt 3.0pt">
<p class="MsoNormal"><b style="mso-bidi-font-weight:normal">
<span lang="EN-CA" style="font-size:8.5pt;font-family:Verdana">
Other People store</span></b><span lang="EN-CA" style="font-size:8.5pt;font-family:Verdana">
on each computer that has a host instance that has a send
pipeline with a MIME/SMIME Encoder pipeline component
configured to encrypt messages (<b>Enable encryption</b>
property set to <b>True)</b>.<o:p></o:p></span></p>
</td>
</tr>
<tr style="mso-yfti-irow:5;mso-yfti-lastrow:yes">
<td valign="top" style="border: solid #DDDDDD 1.0pt; border-top: none; mso-border-top-alt: solid #DDDDDD .5pt; mso-border-alt: solid #DDDDDD .5pt; background: white; padding: 3.0pt 3.0pt 3.0pt 3.0pt">
<p class="MsoNormal">
<span lang="EN-CA" style="font-size:8.5pt;font-family:Verdana">
Party resolution<o:p></o:p></span></p>
</td>
<td valign="top" style="border-top: none; border-left: none; border-bottom: solid #DDDDDD 1.0pt; border-right: solid #DDDDDD 1.0pt; mso-border-top-alt: solid #DDDDDD .5pt; mso-border-left-alt: solid #DDDDDD .5pt; mso-border-alt: solid #DDDDDD .5pt; background: white; padding: 3.0pt 3.0pt 3.0pt 3.0pt">
<p class="MsoNormal">
<span lang="EN-CA" style="font-size:8.5pt;font-family:Verdana">
Partner's public key<o:p></o:p></span></p>
</td>
<td valign="top" style="border-top: none; border-left: none; border-bottom: solid #DDDDDD 1.0pt; border-right: solid #DDDDDD 1.0pt; mso-border-top-alt: solid #DDDDDD .5pt; mso-border-left-alt: solid #DDDDDD .5pt; mso-border-alt: solid #DDDDDD .5pt; background: white; padding: 3.0pt 3.0pt 3.0pt 3.0pt">
<p class="MsoNormal"><b style="mso-bidi-font-weight:normal">
<span lang="EN-CA" style="font-size:8.5pt;font-family:Verdana">
Other People store</span></b><span lang="EN-CA" style="font-size:8.5pt;font-family:Verdana">
on the administration computer from which you are
configuring party resolution.<o:p></o:p></span></p>
</td>
</tr>
</table>
<p class="MsoNormal"><span lang="EN-CA"><o:p> </o:p></span></p>
<h2>Solution</h2>
<p>
<img src="Images/sm_image004.gif" width="382" height="261" /><br />
<strong>Figure 3: Solution Concept</strong><br />
<br />
The solution consists of creating two pipelines. A receive pipeline
that decrypts the incoming messages and a send pipeline that
encrypts the outgoing messages. The example in this solution uses
four ports, two for the encryption scenario and two for decryption
scenario. <br />
<br />
</p>
<ol>
<li>Plain Receive port that consumes files in a directory to be
encrypted. This receive port uses one receive location that uses
the standard “Microsoft.BizTalk.DefaultPipelines.XMLReceive”
pipeline.</li>
<li> Enc Send Port that subscribes to the receive plane
text port. This send port uses the “PracticalBTS.EncryptPipeLine.EncSendPipeline”
pipeline. The figure below shows the configuration. Notice that
in the “Outbound Encryption” certificate name is set to the
certificate in “other people certificates store” for the
receiver. <br />
</li>
</ol>
<p>
<img src="Images/sm_image006.jpg" width="370" height="248" /><br />
<strong>Figure 4: Send Encrypted port settings.</strong><br />
<br />
</p>
<ol>
<li value="3">Enc Receive Port that consumes files in a
directory that are encrypted and we want to decrypt them. This
receive port uses one receive location that uses the “PracticalBTS.EncryptPipeLine.DecReceivePipeline”
pipeline. The figure below shows the configuration.</li>
</ol>
<p><br />
<img src="Images/sm_image008.jpg" width="366" height="352" /><br />
<strong>Figure 5: End Receive Location port configuration</strong><br />
Notice that we do not specify the certificate to use to decrypt the
message. As BTS uses the certificate defined for the BTS group as
shown in the figure below<br />
<img src="Images/sm_image010.jpg" width="373" height="322" /><br />
<strong>Figure 6: BizTalk Group properties certificate settings</strong><br />
<br />
</p>
<ol>
<li value="4">Plain Send Port this port subscribes to the Enc
Receive Port and just save the output in a file so we can check
it </li>
</ol>
<h2><br />
Pipelines Implementation</h2>
<h3><br />
Receive Decryption Pipeline<br />
</h3>
<p>
<img src="Images/sm_image012.jpg" width="223" height="624" /><br />
<strong>Figure 7: Receive Decryption Pipeline</strong><br />
<br />
The figure above shows the receive pipeline. As you can see we
insert into the decode phase the MIME/SMIME pipeline component. And
into the Disassemble pipeline the XML disassembler pipeline
component. There are no special settings for any component in this
receive pipeline we just accept the default settings.</p>
<h3><br />
Send Encryption Pipeline</h3>
<p><br />
<br />
<img src="Images/sm_image014.jpg" width="214" height="475" /><br />
<strong>Figure 8: Encryption Send Pipeline</strong><br />
The figure above shows the Encryption send Pipeline. In this
pipeline we have the standard XML Assembler pipeline component in
the assemble phase and the MIME/SMIME encoder component in the
encode phase.<br />
<img src="Images/sm_image016.jpg" width="358" height="236" /><br />
<strong>Figure 9: Encoder Pipeline Component Settings</strong><br />
The figure above shows the settings for the MIME/SMIME encoder
pipeline component where we enable the encryption and we choose the
“DES3” encryption algorithm. In this example we are not going to
sign the messages so we select “NoSign” for the signature sign.<br />
Deploying the solution<br />
1. Installing the certificate<br />
2. Compiling and deploying the solution<br />
<br />
Use the secure message deployment script to deploy the solution.<br />
</p>
<h2>Using the code</h2>
<p>To test the configuration copy a sample xml file from the “Data
Folders\Sample XML Files” or any other valid XML file and drop it in
the folder “Data Folders\SecureMessaging\Encryption\In” after BTS
process the message you will find the encrypted file at “SecureMessaging\Encryption\Out”
the encrypted file should look like <br />
<img src="Images/sm_image018.jpg" width="369" height="252" /><br />
Figure 10: Sample encrypted message<br />
Copy the encrypted message to “Data\SecureMessaging\Decryption\In”
and after BTS process the message you will find the plain message at
“Data\SecureMessaging\Decryption\out”<br />
</p>
<h2>Points of Interest</h2>
<h3>Certificate authorization</h3>
<p>A message received by adapter "FILE" on receive location "EncReceive
Location" with URI "…\*.txt" is suspended. <br />
Error details: There was a failure executing the receive pipeline: "PracticalBTS.EncryptPipeLine.DecReceivePipeline,
PracticalBTS.EncryptPipeLine, Version=1.0.0.0, Culture=neutral,
PublicKeyToken=e56921b90feec973" Source: "MIME/SMIME decoder"
Receive Port: "EncReceivePort" URI: "\SecureMessaging\Decryption\In\*.txt"
Reason: Could not validate the Trust Chain of the encryption
certificate. The certificate issuing authority may not be a trusted
Certificate Authority. <br />
MessageId: {9C0C7B4B-D2B7-489F-A343-6355F5BFA9AC}<br />
InstanceID: {67753340-9C17-4C7B-8364-501BFD5F2FD3}<br />
</p>
<h3>Solution</h3>
<p>Make sure you have installed the certificate in the trusted
Authority folder.</p>
<h2>History</h2>
<p>Visit <a href="http://www.MoustafaRefaat.com/Bits">
www.MoustafaRefaat.com\Bits</a> to find more information.
</body>
</html>
|
By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.
If a file you wish to view isn't highlighted, and is a text file (not binary), please
let us know and we'll add colourisation support for it.
As a well-established IT leader with a passion for architecture, design, coding, refactoring, and development, I possess 20+ years’ success spearheading large teams to deliver the end-to-end development of 30+ innovative software solutions on time and under budget on a US and international level.
Throughout my career, I have made it my priority to utilize current technologies and new techniques to develop elegant, creative technical solutions across all project phases. Comfortable in collaborative and independently-driven roles, I am a forward-thinking leader with refined analytical and critical thinking skills, and I can adapt and revise my strategies to meet evolving priorities, shifting needs, and emergent issues. As a dynamic leader with experience as Technical Lead and Senior Manager, as well as on the Board of Directors, I have led numerous teams to create a new employees experience with Workday, roadmap for people systems (JDA WFMR, Kronos, Infor, Workday, and monitoring with Splunk), and architecture for 20+ projects at Loblaw. Furthermore, I have spearheaded As a well-established IT leader with a passion for architecture, design, coding, refactoring, and development, I possess 20+ years’ success spearheading large teams to deliver the end-to-end development of 30+ innovative software solutions on time and under budget on a US and international level.
Throughout my career, I have made it my priority to utilize current technologies and new techniques to develop elegant, creative technical solutions across all project phases. Comfortable in collaborative and independently-driven roles, I am a forward-thinking leader with refined analytical and critical thinking skills, and I can adapt and revise my strategies to meet evolving priorities, shifting needs, and emergent issues. As a dynamic leader with experience as Technical Lead and Senior Manager, as well as on the Board of Directors, I have led numerous teams to create a new employees experience with Workday