
.NET Security

Srikanth

Security Levels

- Security by the CLR: memory usage, resource usage
- Security API: System.Security.Permissions, System.Security.Policy, System.Security.Principal, System.Security.Cryptography
- Security over the assembly: assembly attributes

Security Types

- Code Access Security
- Role Based Security
- Evidence Based Security

Namespaces: System.Security.Permissions, System.Security.Cryptography, System.Security.Principal, System.Security.Policy

Role Based Security

Evidence Based Security

Code Security Vs Role Security


- Role security systems consume evidence about users (passwords, smart cards, etc.) to authorize them; the users are then assumed not to be attacking themselves. E.g., Windows.
- Code security systems consume evidence about code (publisher, path, etc.) to restrict the rights of the code to a safe subset. E.g., Internet Explorer.

Code Security in .NET


When an appdomain loads an assembly, the policy system compares the assembly's evidence collection to the membership rules of every code group. The set of code groups the assembly belongs to determines what permissions are granted. Code which does something dangerous demands the corresponding permission; if the permission is denied, an exception is thrown.

Evidence

Any object may be evidence, but there are some standard evidence objects:

Assembly evidence objects: Hash, Publisher, Strong Name

Host evidence objects: Zone, Site, URL

Assembly Evidence

Hash, Publisher and Strong Name are cryptographically strong:

- Hash identifies the assembly contents
- Strong Name identifies the assembly author and version
- Publisher identifies the author AND establishes the trustworthiness of the author

Host Evidence

- Host evidence is provided by the loader of the assembly, not by the assembly itself
- Zone, Url and Site establish where the assembly came from
- Code from c:\Program Files may get more rights than code from www.evilhackers.com

Policy Levels
- Policy determines what code groups an assembly belongs to on the basis of its evidence
- Four policy levels: Enterprise, Machine, User, AppDomain
- Each policy level determines a grant set; only permissions found in all four are granted

Permissions
Each code group has a permission set. Permissions are objects which represent the right to do something, e.g.:

- Create user interface elements
- Read environment variables
- Access DNS servers
- Write files
- Modify the security system
- Etc.

The Luring Attack

- A fundamental attack pattern: trick highly trusted code into doing something on behalf of less trusted code
- Code-based security is designed to mitigate luring attacks

The Demand
    Dim FStream As New FileStream("C:\Temp.txt", _
        FileMode.OpenOrCreate, FileAccess.Write)

When this code runs, the FileStream constructor creates a FileIOPermission object and calls Demand() on it. The security system then walks the stack: every assembly on the stack must have been granted this permission, so code which cannot access the file system cannot trick highly trusted code into doing so on its behalf.

Example: Three Assemblies

If Alpha, Beta or Gamma lacks permission P, an exception is thrown.

Alpha calls Beta, Beta calls Gamma, and Gamma demands P. The stack walk then asks, frame by frame: does Beta have P? does Alpha have P?

Asserting Permission

It now does not matter whether Alpha has permission P.

Alpha calls Beta, Beta asserts P and then calls Gamma, and Gamma demands P. The stack walk asks "does Beta have P?", reaches Beta's Assert, and stops there; "does Alpha have P?" is never asked.

Code Security Features


- Deny and PermitOnly force stack walks to fail early
- LinkDemand is a weaker, less expensive, less secure Demand
- InheritanceDemand allows you to restrict subclassing
- Grant sets may be manipulated with RequestMinimum, RequestRefuse, RequestOptional
- AllowPartiallyTrustedCallers enables developers to prevent all potential luring attacks
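The Demand, Assert and PermitOnly behaviour described in the last three slides, as an added C# example (not code from the original slides). It targets the .NET Framework, where Code Access Security stack walks are enforced; later runtimes ignore or reject these calls. Alpha, Beta and Gamma mirror the diagram, and the file path is a constructed sample.

```csharp
using System;
using System.Security;
using System.Security.Permissions;

// Added example, not from the slides. Runs on the .NET Framework only.
static class CasStackWalk
{
    const string Path = @"C:\Temp\demo.txt";   // constructed sample path

    // Gamma: trusted code that touches the file system. Demand() starts a stack
    // walk; every frame above Gamma must hold FileIOPermission(Write) on Path.
    static string Gamma()
    {
        new FileIOPermission(FileIOPermissionAccess.Write, Path).Demand();
        return "Gamma wrote " + Path;
    }

    // Beta without Assert: the walk passes through Beta and continues into Alpha.
    static string BetaPlain() => Gamma();

    // Beta with Assert: the walk stops at this frame, so it no longer matters
    // whether Alpha holds P. The Assert is reverted when Beta returns.
    static string BetaAsserting()
    {
        new FileIOPermission(FileIOPermissionAccess.Write, Path).Assert();
        try { return Gamma(); }
        finally { CodeAccessPermission.RevertAssert(); }
    }

    // Alpha: a caller that must not reach the file system. PermitOnly restricts
    // this frame to the listed permission, so a walk that reaches it fails early
    // (the same idea as Deny, which is obsolete from .NET Framework 4 on).
    static string AlphaRestricted(Func<string> beta)
    {
        new UIPermission(PermissionState.Unrestricted).PermitOnly();
        try { return beta(); }
        finally { CodeAccessPermission.RevertPermitOnly(); }
    }

    static void Main()
    {
        // Walk: Gamma -> BetaPlain -> AlphaRestricted (PermitOnly without FileIO) -> fails.
        try { Console.WriteLine(AlphaRestricted(BetaPlain)); }
        catch (SecurityException) { Console.WriteLine("BetaPlain: SecurityException, Alpha lacks P"); }

        // Walk: Gamma -> BetaAsserting (Assert stops the walk) -> succeeds.
        Console.WriteLine(AlphaRestricted(BetaAsserting));
    }
}
```

Assert is the dangerous half of this pair: an asserting method vouches for every caller above it, so it should only wrap the minimal operation and must be reverted, as in the try/finally above.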

System.Security.Permissions

- EnvironmentPermissionAttribute: accessibility of environment variables
- FileDialogPermissionAttribute: accessibility of files chosen through FileDialog
- FileIOPermissionAttribute: accessibility of files
- IsolatedStoragePermissionAttribute: usage of isolated storage

System.Security.Policy

- AllMembershipCondition: used in a logical code group
- CodeGroup, Evidence: input information of a security policy
- PolicyLevel, PolicyStatement: description of a policy
- StrongName: strong name of an assembly

Writing Partial Trust Code


- Request minimum for must-have permissions
- Run at least privilege; avoid extra permissions
- If the optional request is omitted, all allowed permissions are granted
- Request optional for any additional permissions used
- Explicitly ask that no more permissions be granted (the "Nothing" named permission set):

    <assembly: PermissionSet( _
        SecurityAction.RequestOptional, Name:="Nothing")>

How do you know what perms you need?


- APIs document the permissions they require
- Know the resources exposed by the APIs you call

Permission Request

Assembly may request permissions


- Can't take permissions not granted by policy
- Minimum: don't run without these permissions
- Optional: can use these permissions if available
- Refused: never grant these permissions
- The grant set may be smaller than the ALLOWED set

GRANT = ((Min ∪ Opt) ∩ ALLOWED) − Refused

    <assembly: FileIOPermissionAttribute( _
        SecurityAction.RequestMinimum, Write:="C:\test.tmp")>

The other request actions are SecurityAction.RequestOptional and SecurityAction.RequestRefuse.
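The three request actions in C# attribute form, together with a small model of the GRANT formula above, as an added example that is not code from the original slides. The path, environment variable and registry request are constructed sample values, and the string names in the model stand in for real permission objects.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Permissions;

// Assembly-level requests: C# form of the slide's VB attribute, plus one optional
// and one refused request. Constructed sample values; .NET Framework only.
[assembly: FileIOPermissionAttribute(SecurityAction.RequestMinimum, Write = @"C:\test.tmp")]
[assembly: EnvironmentPermissionAttribute(SecurityAction.RequestOptional, Read = "TEMP")]
[assembly: RegistryPermissionAttribute(SecurityAction.RequestRefuse, Unrestricted = true)]

// Added illustration (not the runtime's code) of how policy combines the
// requests with what policy ALLOWS. Strings stand in for permission objects.
static class GrantSetModel
{
    // GRANT = ((Min ∪ Opt) ∩ ALLOWED) − Refused
    // If any minimum permission is not ALLOWED, the loader refuses to run the
    // assembly (the .NET Framework raises a PolicyException); modelled by throwing.
    public static HashSet<string> Grant(
        ISet<string> min, ISet<string> opt, ISet<string> allowed, ISet<string> refused)
    {
        if (!allowed.IsSupersetOf(min))
            throw new InvalidOperationException("minimum request not satisfied by policy; assembly will not load");

        var grant = new HashSet<string>(min);
        grant.UnionWith(opt);          // Min ∪ Opt: everything the assembly asked for
        grant.IntersectWith(allowed);  // ∩ ALLOWED: never more than policy allows
        grant.ExceptWith(refused);     // − Refused: never granted even if allowed
        return grant;
    }

    static void Main()
    {
        // Constructed sample sets matching the attributes above.
        var min = new HashSet<string> { "FileIO:Write C:\\test.tmp" };
        var opt = new HashSet<string> { "Environment:Read TEMP", "Dns" };
        var allowed = new HashSet<string> { "FileIO:Write C:\\test.tmp", "Environment:Read TEMP", "Registry", "UI" };
        var refused = new HashSet<string> { "Registry" };

        foreach (string p in Grant(min, opt, allowed, refused))
            Console.WriteLine("granted: " + p);
        // Only the FileIO and Environment permissions are granted: "Dns" is not
        // ALLOWED, "Registry" is refused, and "UI" was never requested (because a
        // RequestOptional is present, unrequested permissions are not granted).

        // A policy that does not allow the minimum request stops the assembly loading.
        var tooStrict = new HashSet<string> { "UI" };
        try { Grant(min, opt, tooStrict, refused); }
        catch (InvalidOperationException e) { Console.WriteLine(e.Message); }
    }
}
```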

Cryptography API

- CryptoStream class
- DES class (Data Encryption Standard)
- DESCryptoServiceProvider
- DSA class (Digital Signature Algorithm)
- MD5 class

Cryptographic APIs

Comprehensive cryptographic library

- Easy, unified, stream-based architecture
- Common algorithms in the box
  - Hashing: SHA-1, SHA-256/-384/-512, MD5
  - Asymmetric: RSA, DSA
  - Symmetric: AES, TripleDES, DES, RC2
  - MAC: HMAC-SHA1, MACTripleDES
- Open and extensible model (new algorithms)
- XMLDSIG support (W3C/IETF spec.), integrated with the XML data framework

Authorization Strategies

Windows Security and ACLs


- Windows security and ACLs: ACLs are checked for Windows authentication, independent of impersonation
- COM+ roles
- URL authorization
- Custom authorization
- Windows .NET AuthZ framework
- Explicit imperative/declarative checks
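The "explicit imperative/declarative checks" item, and the role-based security slide earlier, in working C# as an added example that is not code from the original slides. It targets the .NET Framework, where the declarative PrincipalPermission attribute is enforced; the user and role names are constructed.

```csharp
using System;
using System.Security;
using System.Security.Permissions;
using System.Security.Principal;
using System.Threading;

// Added example, not from the slides. .NET Framework only for the declarative check.
static class RoleBasedChecks
{
    // In a real application the principal comes from Windows authentication
    // (WindowsPrincipal) or your own login code; here it is constructed.
    static void SignIn(string user, params string[] roles)
    {
        Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity(user), roles);
    }

    // Declarative check: the runtime demands the role before the body runs.
    [PrincipalPermission(SecurityAction.Demand, Role = "Auditor")]
    static string ReadAuditLog() => "audit log contents";

    // Imperative check: the same demand, decided inside the method at run time,
    // which lets the role name come from configuration.
    static string ResetPassword(string target)
    {
        new PrincipalPermission(null, "Admin").Demand();   // SecurityException if not in role
        return "password reset for " + target;
    }

    // Explicit IsInRole query: no exception; suitable for deciding what to show.
    static bool CanApprove() => Thread.CurrentPrincipal.IsInRole("Approver");

    static void Run(string label, Func<string> action)
    {
        try { Console.WriteLine(label + ": " + action()); }
        catch (SecurityException)
        {
            Console.WriteLine(label + ": denied for " + Thread.CurrentPrincipal.Identity.Name);
        }
    }

    static void Main()
    {
        SignIn("alice", "Auditor");
        Run("alice ReadAuditLog", ReadAuditLog);                  // allowed
        Run("alice ResetPassword", () => ResetPassword("bob"));  // denied
        Console.WriteLine("alice CanApprove: " + CanApprove());  // False

        SignIn("carol", "Admin", "Approver");
        Run("carol ReadAuditLog", ReadAuditLog);                  // denied
        Run("carol ResetPassword", () => ResetPassword("bob"));  // allowed
        Console.WriteLine("carol CanApprove: " + CanApprove());  // True
    }
}
```

Both Demand forms fail closed with a SecurityException, which is the behaviour you want on a server; IsInRole is for shaping the UI, not for protecting the operation itself.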

Encryption

Instantiate the algorithm

    SymmetricAlgorithm alg = SymmetricAlgorithm.Create("DES");

Generate a key (reading Key on a fresh algorithm object generates a random key; the IV is generated the same way and must be kept for decryption)

    byte[] myNewKey = alg.Key;

Encode your data

    string message = "Top secret data...";
    byte[] plain = Encoding.UTF8.GetBytes(message);

Perform the encryption

    ICryptoTransform enc = alg.CreateEncryptor();
    byte[] cipher = enc.TransformFinalBlock(plain, 0, plain.Length);

Decryption

Instantiate the algorithm

    SymmetricAlgorithm alg = SymmetricAlgorithm.Create("DES");

Obtain the key and the IV that were used to encrypt (a fresh object otherwise generates a random IV and the decryption fails)

    alg.Key = theKey;
    alg.IV = theIV;

Perform the decryption

    ICryptoTransform dec = alg.CreateDecryptor();
    byte[] plain = dec.TransformFinalBlock(cipher, 0, cipher.Length);

Decode the data

    string plainText = Encoding.UTF8.GetString(plain);
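The encryption and decryption steps above, carried through end to end as an added C# example that is not code from the original slides. It swaps the slides' DES for AES (AES is in the "common algorithms" list; DES has a 56-bit key), prepends the IV to the ciphertext so the decryptor has it, and uses the same TransformFinalBlock calls as the slides. The message is a constructed sample.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added example, not from the slides. AES-CBC with PKCS7 padding (the SymmetricAlgorithm
// defaults). Output layout is IV || ciphertext.
static class SymmetricRoundTrip
{
    public static byte[] Encrypt(byte[] key, byte[] plain)
    {
        using (Aes alg = Aes.Create())
        {
            alg.Key = key;
            alg.GenerateIV();                      // fresh random IV per message; never reuse one
            byte[] iv = alg.IV;
            using (ICryptoTransform enc = alg.CreateEncryptor())
            {
                byte[] cipher = enc.TransformFinalBlock(plain, 0, plain.Length);
                byte[] output = new byte[iv.Length + cipher.Length];
                Buffer.BlockCopy(iv, 0, output, 0, iv.Length);
                Buffer.BlockCopy(cipher, 0, output, iv.Length, cipher.Length);
                return output;
            }
        }
    }

    public static byte[] Decrypt(byte[] key, byte[] ivAndCipher)
    {
        using (Aes alg = Aes.Create())
        {
            alg.Key = key;
            int ivLen = alg.BlockSize / 8;         // 16 bytes for AES
            if (ivAndCipher.Length < ivLen)
                throw new ArgumentException("input shorter than an IV");
            byte[] iv = new byte[ivLen];
            Buffer.BlockCopy(ivAndCipher, 0, iv, 0, ivLen);
            alg.IV = iv;                           // the IV used at encryption time
            using (ICryptoTransform dec = alg.CreateDecryptor())
                return dec.TransformFinalBlock(ivAndCipher, ivLen, ivAndCipher.Length - ivLen);
        }
    }

    static void Main()
    {
        byte[] key;
        using (Aes keyGen = Aes.Create())
        {
            keyGen.KeySize = 256;
            keyGen.GenerateKey();                  // random key from the runtime's RNG
            key = keyGen.Key;
        }

        string message = "Top secret data...";     // constructed sample message
        byte[] blob = Encrypt(key, Encoding.UTF8.GetBytes(message));
        string roundTrip = Encoding.UTF8.GetString(Decrypt(key, blob));
        Console.WriteLine(roundTrip == message ? "round trip OK" : "MISMATCH");

        // CBC alone does not detect tampering: a flipped ciphertext byte yields
        // garbage or a CryptographicException (bad padding) rather than a clean
        // failure. In practice pair this with a MAC such as HMAC-SHA256 over
        // IV || ciphertext and verify the MAC before decrypting.
        blob[blob.Length - 1] ^= 0x01;
        try { Decrypt(key, blob); Console.WriteLine("tamper undetected"); }
        catch (CryptographicException) { Console.WriteLine("tamper: padding error"); }
    }
}
```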

Sample: Hashing & RNGs

Simple programming model: common functions are accessible as single method calls on algorithm objects. Runtime adaptation is based on the config system: you choose the default implementation that Create() returns.

    ' Create() returns the default implementation chosen through the config system
    Dim rng As RandomNumberGenerator = RandomNumberGenerator.Create()
    Dim bytes As Byte() = New Byte(127) {}   ' 128 bytes (VB takes the upper bound)
    rng.GetBytes(bytes)

    Dim hash As SHA256 = SHA256.Create()
    Dim digest As Byte() = hash.ComputeHash(inputData)
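The hashing, RNG and MAC pieces of the "common algorithms" list in one runnable C# program, as an added example that is not code from the original slides. It uses SHA-256 and HMAC-SHA256 rather than the MD5 and SHA-1 entries, keys the MAC from RandomNumberGenerator, and verifies the tag with a constant-time comparison; the input strings are constructed samples.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added example, not from the slides.
static class HashAndMac
{
    // Fills a buffer from the runtime's default RNG (config-selected, as on the slide).
    public static byte[] RandomBytes(int count)
    {
        byte[] bytes = new byte[count];
        using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
            rng.GetBytes(bytes);
        return bytes;
    }

    // One-call hashing, returned as lowercase hex.
    public static string Sha256Hex(byte[] data)
    {
        using (SHA256 hash = SHA256.Create())
            return BitConverter.ToString(hash.ComputeHash(data)).Replace("-", "").ToLowerInvariant();
    }

    // Keyed integrity tag: a hash alone can be recomputed by anyone who alters the data.
    public static byte[] Tag(byte[] key, byte[] data)
    {
        using (var mac = new HMACSHA256(key))
            return mac.ComputeHash(data);
    }

    // Constant-time comparison: no early exit on the first differing byte, so the
    // comparison time does not leak how many leading bytes of the tag were right.
    public static bool Verify(byte[] key, byte[] data, byte[] tag)
    {
        byte[] expected = Tag(key, data);
        if (expected.Length != tag.Length) return false;
        int diff = 0;
        for (int i = 0; i < expected.Length; i++) diff |= expected[i] ^ tag[i];
        return diff == 0;
    }

    static void Main()
    {
        // Known-answer check for SHA-256("abc").
        const string abcDigest = "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad";
        Console.WriteLine("SHA-256 self-test: " + (Sha256Hex(Encoding.UTF8.GetBytes("abc")) == abcDigest));

        byte[] key = RandomBytes(32);                          // 256-bit MAC key
        byte[] message = Encoding.UTF8.GetBytes("amount=100;to=alice");   // constructed sample
        byte[] tag = Tag(key, message);

        Console.WriteLine("genuine verifies: " + Verify(key, message, tag));   // True
        byte[] altered = Encoding.UTF8.GetBytes("amount=900;to=alice");
        Console.WriteLine("altered verifies: " + Verify(key, altered, tag));   // False
    }
}
```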
