.NET Framework Application Security Overview Gunther Beersaerts Microsoft Corporation.


1 .NET Framework Application Security Overview Gunther Beersaerts Microsoft Corporation

2 Agenda: Security 101; .NET Framework Security Features; Code Access Security; Role-Based Security; Cryptography; Securing ASP.NET Web Applications; Securing ASP.NET Web Services

3 Agenda: Security 101; .NET Framework Security Features; Code Access Security; Role-Based Security; Cryptography; Securing ASP.NET Web Applications; Securing ASP.NET Web Services

4 Security 101: Overview of Security Technologies
Developers need to understand, use and apply: encryption, hashing, digital signatures, digital certificates, secure communication, authentication, authorization, firewalls, auditing, and service packs and updates.

5 Security 101: Encryption
Encryption is the process of encoding data: to protect a user's identity or data from being read; to protect data from being altered; to verify that data originates from a particular user. Encryption can be asymmetric or symmetric.

6 Security 101: Symmetric vs Asymmetric Encryption
Algorithm type and description:
Symmetric: uses one key to encrypt the data and decrypt the data; is fast and efficient.
Asymmetric: uses two mathematically related keys (public key to encrypt the data, private key to decrypt the data); is more secure than symmetric encryption; is slower than symmetric encryption.

7 Security 101: Verifying Data Integrity with Hashes
Diagram labels: User A (Data, Hash Algorithm, Hash Value); User B (Data, Hash Algorithm, Hash Value).
User A sends data and hash value to User B. If hash values match, data is valid.

8 Security 101: Digital Signatures
Diagram labels: User A (Data, Hash Algorithm, Hash Value, User A Private Key); User B (Data, Hash Value, User A Public Key, Hash Algorithm, Hash Value).
If hash values match, data came from the owner of the private key and is valid.

9 Security 101: How Digital Certificates Work
Diagram labels: Private/Public Key Pair; Private Key; Public Key; User, Application, Computer, Service; Certified Administrator; Certification Authority.

10 Security 101: Secure Communication Technologies
Technologies include: IPSec, SSL, TLS, RPC encryption.
Diagram labels: SSL/TLS; IPSec; RPC Encryption.

11 Agenda: Security 101; .NET Framework Security Features; Code Access Security; Role-Based Security; Cryptography; Securing ASP.NET Web Applications; Securing ASP.NET Web Services

12 .NET Framework Security: In General
The .NET CLR controls execution of managed code. .NET Framework Security is part of the CLR. .NET Framework Security includes many features: managed execution, type-safe system, buffer overrun protection, arithmetic error trapping, strong-named assemblies, isolated storage, ...
Important: complements Windows security.

13 .NET Framework Security: Type Safety System
Type-safe code: prevents buffer overruns; restricts access to authorized memory locations; allows multiple assemblies to run in the same process.
App Domains provide: increased performance; increased code security.

14 .NET Framework Security: Buffer Overrun Protection
Managed code does not deal with raw pointers (char *, ...). Instead, the .NET CLR uses Framework classes.
System.String: .NET System.String objects are immutable.
System.Text.StringBuilder: the System.Text.StringBuilder class checks buffer bounds and throws an exception on attempts to overwrite the internal buffer.
Type verification prevents arbitrary memory overwrites.
    void CopyString (string src) { stringDest = src; }

15 Buffer Overrun

16 .NET Framework Security: Arithmetic Error Trapping
Arithmetic error trapping is achieved by using: the checked keyword; project settings.
    byte b = 0;
    while (true)
    {
        Console.WriteLine(b);
        checked { b++; }
    }

17 Type Safety System: Investigating .NET Data-Type Safety; Using the checked keyword
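Added example, not part of the original deck: why the checked keyword from slide 16 matters when a size is computed from untrusted input. The method names and the input value are constructed for illustration.

```csharp
using System;

static class CheckedArithmeticDemo
{
    // Unchecked context (the compiler default unless project settings say
    // otherwise): an overflowing multiplication wraps silently.
    static int BufferSizeUnchecked(int count, int elementSize)
    {
        unchecked { return count * elementSize; }
    }

    // Same calculation in a checked block: overflow raises OverflowException.
    static int BufferSizeChecked(int count, int elementSize)
    {
        checked { return count * elementSize; }
    }

    static void Main()
    {
        // Constructed input: an element count taken from an untrusted length field.
        int count = 0x40000001;
        int elementSize = 4;

        // The product exceeds Int32.MaxValue and wraps to a small positive
        // number, so the computed size no longer matches 'count' elements.
        Console.WriteLine("unchecked size: " + BufferSizeUnchecked(count, elementSize));

        try
        {
            Console.WriteLine("checked size: " + BufferSizeChecked(count, elementSize));
        }
        catch (OverflowException)
        {
            Console.WriteLine("checked: overflow trapped, request rejected");
        }

        // Narrowing casts are covered too: a value that does not fit in a
        // byte is truncated unless the cast is checked.
        int length = 300;
        byte truncated = unchecked((byte)length);
        Console.WriteLine("unchecked cast: " + truncated);
        try { byte b = checked((byte)length); Console.WriteLine(b); }
        catch (OverflowException) { Console.WriteLine("checked cast: overflow trapped"); }
    }
}
```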

18 .NET Framework Security: Strong Named Assemblies
Strong names are: unique identifiers (containing a public key); used to digitally sign assemblies.
Why strong-named assemblies? Prevent tampering; confirm the identity of the assembly's publisher; allow side-by-side components.
    sn -k MyFullKey.snk

19 .NET Framework Security: Isolated Storage
Provides a virtual file system. Allows quotas. Implements file system isolation based on: application identity; user identity.
    IsolatedStorageFile isoStore = IsolatedStorageFile.GetUserStoreForAssembly();

20 .NET Framework Security: What did we learn?
Use managed code! Type-safe system; buffer overrun protection; arithmetic error trapping; strong-named assemblies; isolated storage.

21 Agenda: Security 101; .NET Framework Security Features; Code Access Security; Role-Based Security; Cryptography; Securing ASP.NET Web Applications; Securing ASP.NET Web Services

22 Code Access Security: Evidence-Based Security
Evidence works on top of Win32 security. The .NET Framework collects info about an assembly and presents that info to the security system; the CLR decides if code is allowed to execute.
Evidence is assessed when the assembly is loaded and determines the permissions for the assembly.
Evidence can include the assembly's: strong name information, URL, zone, Authenticode signature.

23 Code Access Security: Security Policies
Security entity and description:
Policy: is set by administrators; is enforced at runtime; simplifies administration; contains permissions; contains code groups.
Code Group: associates similar components; is evidence based; is linked to permission set(s).
Permission Set: is a set of granted permissions.

24 Code Access Security: Security Check Stack Walk
1. An assembly requests access to a method in your assembly
2. Your assembly passes the request to a .NET Framework assembly
3. The security system ensures that all callers in the stack have the required permissions
4. The security system grants access or throws an exception
Diagram labels: Call Stack (SomeAssembly, Grant: Execute; YourAssembly, Grant: ReadFile; .NET Framework Assembly, Call to ReadFile); Security System (Permission Demand; Grant access?; Security exception, Access denied).

25 Code Access Security: Types of Security Checks
Imperative security checks: create Permission objects; call Permission methods (Demand, ...).
Declarative security checks: use Permission attributes; apply to methods or classes.
Overriding security checks: use the Assert method; prevent the stack walk.

26 Code Access Security: Permissions Requests
Used by developers to state required permissions. Implemented by attributes. Prevents an assembly from loading when minimum permissions are not available, rather than waiting for an unauthorized operation.
    // I will only run if I can call unmanaged code
    [assembly:SecurityPermission(SecurityAction.RequestMinimum, UnmanagedCode=true)]

27 Code Access Security: Using the .NET Framework Configuration Tool; Performing Security Checks; Requesting Permissions
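Added example, not part of the original deck: an imperative Demand and the stack walk from slides 24 and 25. It assumes the .NET Framework runtime, where CAS stack walks are enforced; PermitOnly (a real CodeAccessPermission method that is not named on the slides) narrows what the calling frame may pass on, so the denial is visible even when the program itself is fully trusted. The paths and method names are constructed.

```csharp
using System;
using System.Security;
using System.Security.Permissions;

static class StackWalkDemo
{
    // Constructed paths; nothing is read from disk, only permissions are checked.
    const string AllowedDir = @"C:\AppData\Reports";
    const string OtherFile = @"C:\AppData\Secrets\keys.txt";

    // Stands in for a library method guarding a resource. The imperative
    // Demand walks the stack and inspects the callers above this frame.
    static void ReadGuarded(string path)
    {
        new FileIOPermission(FileIOPermissionAccess.Read, path).Demand();
        Console.WriteLine("granted: " + path);
    }

    static void Main()
    {
        // Restrict this frame, and everything it calls, to reading AllowedDir.
        new FileIOPermission(FileIOPermissionAccess.Read, AllowedDir).PermitOnly();
        try
        {
            // Inside the permitted directory: the stack walk succeeds.
            ReadGuarded(AllowedDir + @"\q1.txt");

            // Outside it: the walk reaches Main's frame, finds the demand is
            // not covered by the PermitOnly, and throws SecurityException.
            ReadGuarded(OtherFile);
        }
        catch (SecurityException ex)
        {
            Console.WriteLine("denied: " + ex.Message);
        }
        finally
        {
            // Remove the restriction from this frame again.
            CodeAccessPermission.RevertPermitOnly();
        }
    }
}
```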

28 Code Access Security: Partial Trust Applications
.NET Framework 1.0: all ASP.NET web applications ran with full trust, so no CAS could be applied.
.NET Framework 1.1: provides partial trust levels to ASP.NET: Full, High, Medium, Low, Minimal.

29 Code Access Security: Sandboxing Privileged Code
Diagram labels: Partial Trust Web Application; Sandboxed Code; Wrapper Assembly; Resource Access; Secured Resource.
Diagram notes: permissions demanded / asserted; AllowPartiallyTrustedCallers attribute added; assembly installed into the Global Assembly Cache.

30 Code Access Security: What did we learn?
Use managed code! Evidence is assembly based; security stack walk; types of security checks (imperative, declarative, overridable); partially trusted applications.

31 Agenda: Security 101; .NET Framework Security Features; Code Access Security; Role-Based Security; Cryptography; Securing ASP.NET Web Applications; Securing ASP.NET Web Services

32 Role-Based Security: Authentication & Authorization
Authentication asks: "Who are you?" "Am I sure you are who you say you are?"
Authorization asks: "Are you allowed to ... ?"

33 Role-Based Security: Identities and Principals
Identity: contains information about a user. Example: logon name.
Principal: contains role information about a user or computer.
The .NET Framework provides: WindowsIdentity and WindowsPrincipal objects; GenericIdentity and GenericPrincipal objects.

34 Role-Based Security: Creating Windows Identities and Principals
Use WindowsIdentity and WindowsPrincipal.
For single validation:
    WindowsIdentity myIdent = WindowsIdentity.GetCurrent();
    WindowsPrincipal myPrin = new WindowsPrincipal(myIdent);
For repeated validation:
    AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
    // Thread.CurrentPrincipal is typed IPrincipal, so a cast is required
    WindowsPrincipal myPrin = (WindowsPrincipal)System.Threading.Thread.CurrentPrincipal;

35 Role-Based Security: Creating Generic Identities and Principals
Create a GenericIdentity and a GenericPrincipal:
    GenericIdentity myIdent = new GenericIdentity("User1");
    string[] roles = {"Manager", "Teller"};
    GenericPrincipal myPrin = new GenericPrincipal(myIdent, roles);
Attach the GenericPrincipal to the current thread:
    System.Threading.Thread.CurrentPrincipal = myPrin;

36 Role-Based Security: Performing Security Checks
Use Identity and Principal members in code.
For example, using the Name property of the Identity object to check the user's logon name:
    if (String.Compare(myPrin.Identity.Name, "DOMAIN\\Gerd", true) == 0)
    {
        // Perform some action
    }
Example: using the IsInRole method of the Principal object to check role membership:
    if (myPrin.IsInRole("BUILTIN\\Administrators"))
    {
        // Perform some action
    }

37 Role-Based Security: Imperative and Declarative Security Checks
Use permissions to make role-based security checks.
Imperative checks:
    PrincipalPermission prinPerm = new PrincipalPermission("Teller", "Manager", true);
    try
    {
        prinPerm.Demand(); // Does the above match the active principal?
    }
    catch (System.Security.SecurityException)
    {
        // The active principal does not match
    }
Declarative checks:
    [PrincipalPermission(SecurityAction.Demand, Role="Teller", Authenticated=true)]

38 Role-Based Security: Using Windows Role-Based Security; Using Generic Role-Based Security
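Added example, not part of the original deck: generic role-based security from slides 35 to 37 run end to end, with a declarative check, an imperative check that accepts either of two roles, and three constructed users. The class, method and user names (other than "User1", "Teller" and "Manager" from the slides) are made up for illustration.

```csharp
using System;
using System.Security;
using System.Security.Permissions;
using System.Security.Principal;
using System.Threading;

static class RoleCheckDemo
{
    // Declarative check: the runtime demands the role before the body runs.
    [PrincipalPermission(SecurityAction.Demand, Role = "Manager", Authenticated = true)]
    static void ApproveLoan() { Console.WriteLine("  ApproveLoan: allowed"); }

    // Imperative check: Union builds "Teller OR Manager"; a null name means
    // any user name is accepted as long as the role matches.
    static void OpenCashDrawer()
    {
        var teller = new PrincipalPermission(null, "Teller");
        var manager = new PrincipalPermission(null, "Manager");
        teller.Union(manager).Demand();
        Console.WriteLine("  OpenCashDrawer: allowed");
    }

    static void RunAs(string user, params string[] roles)
    {
        // Attach the principal to the current thread, as on slide 35.
        Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity(user), roles);
        Console.WriteLine(user + " [" + string.Join(",", roles) + "]");
        foreach (Action op in new Action[] { OpenCashDrawer, ApproveLoan })
        {
            try { op(); }
            catch (SecurityException) { Console.WriteLine("  " + op.Method.Name + ": denied"); }
        }
    }

    static void Main()
    {
        RunAs("User1", "Teller");   // drawer allowed, loan approval denied
        RunAs("User2", "Manager");  // both allowed
        RunAs("User3", "Auditor");  // both denied
    }
}
```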

39 Role-Based Security: What did we learn?
Use managed code! Authentication vs authorization; identities vs principals; WindowsIdentity vs GenericIdentity; WindowsPrincipal vs GenericPrincipal.

40 Agenda: Security 101; .NET Framework Security Features; Code Access Security; Role-Based Security; Cryptography; Securing ASP.NET Web Applications; Securing ASP.NET Web Services

41 Cryptography: Review
Cryptography term and description:
Symmetric Encryption: encrypting and decrypting data with a secret key.
Asymmetric Encryption: encrypting and decrypting data with a public/private key pair.
Hashing: mapping a long string of data to a short, fixed-size string of data.
Digital Signing: hashing data and encrypting the hash value with a private key.
The .NET Framework provides classes that implement these operations.

42 Cryptography: Using Symmetric Algorithms
Choose an algorithm: TripleDESCryptoServiceProvider, RijndaelManaged.
Generate a secret key.
Use the secret key to encrypt and decrypt data: FileStream, MemoryStream, NetworkStream.

43 Cryptography: Using Asymmetric Algorithms
Choose an algorithm: RSACryptoServiceProvider, DSACryptoServiceProvider.
Generate a private and public key pair.
Encrypt or decrypt data.

44 Cryptography: Signing Data and Verifying Signatures
Action and steps:
Signing Data: hash the data; encrypt the hash value with a private key.
Verifying Signatures: decrypt the signature by using the sender's public key; hash the data; compare the decrypted signature to the hash value.
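Added example, not part of the original deck: signing and verifying as described on slide 44, with RSACryptoServiceProvider from slide 43. It assumes .NET Framework 4.6 or later for the HashAlgorithmName overloads; SHA-256, the key size and the sample message are this example's choices.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class SigningDemo
{
    static void Main()
    {
        // Constructed sample message.
        byte[] data = Encoding.UTF8.GetBytes("transfer 100 to account 42");
        byte[] signature;
        RSAParameters publicKey;

        // Signer: owns the key pair. SignData hashes the data and signs the
        // hash with the private key.
        using (var signer = new RSACryptoServiceProvider(2048))
        {
            signer.PersistKeyInCsp = false; // keep the demo key out of the key store
            signature = signer.SignData(data, HashAlgorithmName.SHA256,
                                        RSASignaturePadding.Pkcs1);
            publicKey = signer.ExportParameters(false); // public part only
        }

        // Verifier: holds only the public key. VerifyData re-hashes the data
        // and checks it against the signature.
        using (var verifier = new RSACryptoServiceProvider())
        {
            verifier.PersistKeyInCsp = false;
            verifier.ImportParameters(publicKey);

            bool original = verifier.VerifyData(data, signature,
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);

            // Flip one bit of the message: the hash changes, so the same
            // signature must no longer verify.
            data[9] ^= 0x01;
            bool tampered = verifier.VerifyData(data, signature,
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);

            Console.WriteLine("original message verifies: " + original);
            Console.WriteLine("tampered message verifies: " + tampered);
        }
    }
}
```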

45 .NET Framework Encryption: Performing Symmetric Encryption; Signing Data

46 Cryptography: What did we learn?
Use managed code! Symmetric encryption; asymmetric encryption; data signing & verification.

47 Agenda: Security 101; .NET Framework Security Features; Code Access Security; Role-Based Security; Cryptography; Securing ASP.NET Web Applications; Securing ASP.NET Web Services

48 Securing ASP.NET: ASP.NET Authentication Types
Authentication type, advantages and disadvantages:
Windows. Advantages: uses existing Windows infrastructure; controls access to sensitive information. Disadvantages: does not support all client types.
Forms. Advantages: supports all client types. Disadvantages: relies on cookies.
Microsoft Passport. Advantages: supports single sign-on for many Internet Web sites; allows developers to customize the appearance of the registration page. Disadvantages: relies on cookies; involves fees.

49 Securing ASP.NET: Configuring Form-Based Authentication
Configure IIS to use Anonymous authentication. Set forms-based authentication in Web.config. Set up authorization in Web.config. Build a logon form.

50 Developers can require secure cookies

51 Securing ASP.NET: Validation Controls
Client-side validation: provides instant feedback; reduces postback cycles.
Server-side validation: repeats all client-side validation; validates against stored data, if required.
Diagram labels: User Enters Data; Client (Valid? Yes/No; Error Message); Server (Valid? Yes/No); Web Application Processed.

52 Securing ASP.NET: Types of Validation Controls

53 Securing ASP.NET: Configuring Forms Authentication; Using Validation Controls

54 Securing ASP.NET: What did we learn?
Use managed code! Types of authentication: Windows authentication, forms-based authentication, Passport authentication. Forms-based authentication enhancements. Validation controls.

55 Agenda: Security 101; .NET Framework Security Features; Code Access Security; Role-Based Security; Cryptography; Securing ASP.NET Web Applications; Securing ASP.NET Web Services

56 Securing ASP.NET Web Services: Message-Level Security
XML messages convey security information: credentials; digital signatures. Messages can be encrypted. XML security is independent of the transport protocol.
Diagram labels: Client, Transport; Service, Transport; Any Transport.

57 Securing ASP.NET Web Services: Web Service Enhancements (WSE)
WSE includes: authentication with SOAP headers; message encryption; message signing. Supports message routing. Supports attachments. Implemented in the Microsoft.Web.Services.dll assembly.

58 Securing Web Services: Analyzing SOAP headers

59 Securing Web Services: What did we learn?
Use managed code! Message-level security: transport independent; end-to-end secure. Check out Web Service Enhancements: WSE 2.0.

60 Session Summary: Security 101; .NET Framework Security Features; Code Access Security; Role-Based Security; Cryptography; Securing ASP.NET Web Applications; Securing ASP.NET Web Services

61 Resources
MSDN Security Developer Center
Sign up for security bulletins:
Security Guidance
Security Training & Books
Writing Secure Code (Howard/Leblanc) ISBN
CTEC Security Trainings
Feedback, Questions & Tomatoes

62 Thank You !

63 Secure Communication: How IPSec Works
Diagram labels: IPSec Policy; Security Association Negotiation; TCP Layer and IPSec Driver (on each side); Encrypted IP Packets.

64 Secure Communication: How SSL Works
The user browses to a secure Web server by using HTTPS.
The browser creates a unique session key and encrypts it by using the Web server's public key, which is generated from the root certificate.
The Web server receives the session key and decrypts it by using the server's private key.
After the connection is established, all communication between the browser and Web server is secure.
Diagram labels: Secure Browser; HTTPS; Message; Secure Web Server; Web Server Root Certificate.

