Dotnet Framework Security Talk 2

7/31/2019 Dotnet Framework Security Talk 2

http://slidepdf.com/reader/full/dotnet-framework-security-talk-2 1/22

Security in the .NET

Framework

Mike Kass

Product Manager

Microsoft Corp.



Message

Queuing

Trans

-

actions

Active

Directory

IIS

Manage

-

ment

…

The .NET Framework

Common Language Runtime

Common Language Runtime

Executes code, maintains security,handles component “plumbing” and

dependencies

Windows Forms

Secure, easily deployable rich clientclasses

W i n

d o w s F o r m s

ASP.NET

Classes and engine for building,deploying, and running Webapplications and services

A S P . N E T

ADO.NET

Classes for loosely-coupled dataaccess

A D O . N E T

Enterprise Services A complete set of features enablingtransactions, message queuing,

etc.

E

n t e r p r i s e

S e r v i c e s

X M L

…

VB C++ C# Perl Java …



. NET Framework Security

Role-based Security Cryptographic Library

Code Access Security



Role-Based Security:Authentication

Unified programming model for allforms of authentication:

Basic

Digest

NTLM

Kerberos

Microsoft Passport

Forms/Custom

Client Certificates



Role-Based Security:Authorization

Maximum flexibility again

Access Control Lists

Active Directory

URL Authorization via Config Files

Custom



Cryptographic Library

Comprehensive, progressive set ofAPIs in the .NET Framework

Easy, unified, stream-based architecture

Encryption Digital signatures

Hashing

Random-number generation Pluggable extensibility (new algorithms)

Uses Windows CryptoAPI functionality



Code Access Security

Allows partially trusted code to runwith reduced rights

Evidence-based security model

No more “all-or-none” or “sandbox” Granular permissions

Flexible, extensible



3 Key Elements

Evidence Inputs to policy about code

Strong name, site, zone, Authenticodesignature, hash value, app directory, etc.

Permissions

Specific authorizations for code (not users)

Define a level of access to a resource oroperation

Policy

Matches permissions to evidence via “codegroups”

Grants permissions to an assembly



Permissions Protect Resources

FileIO FileDialog

IsolatedStorage

Environment

Registry

UI

Printing

Reflection

Security

Socket Web

DNS

OleDb

SQLClient

MessageQueue

EventLog

DirectoryServices

… extensible

Execution, Assertion, Skip Verification,Unmanaged code, Control evidence, Controlpolicy, Control principal, Control threads



Loading An Assembly

AssemblyEvidence

AssemblyRequests

GrantedPermissions

Policy

0. Compile code

1. Load assembly2. Gather evidence3. Load policy

4. Grant permissions5. Verify MSIL6. Execute code



Demands Make It Work

Calls

Got Permission?

Got Permission?

Demand of FileIOPermission (…) causes stack walk

If all frames pass: Succeed, allow operationOtherwise: SecurityException(…)

Exception

Calls



Default Security Policies

Default code groups set around origin ofcode according to I.E. “zones”

Local machine – i.e. code installed locally

Intranet Internet (enabled in version 1.1 of the

.NET Framework… currently in beta)

Trusted sites

Restricted sites



Local Machine Permissions

FullTrust PermissionSet Full access to all machine capabilities

But: App must be installed on machine

by machine’s admin



Intranet Permissions

Unlimited UI

Same protocol access to site & DNS

File read access to origin

Open/Save File Dialog

Default printer

Unlimited Isolated Storage

Write to Event Log Env for USERNAME, TEMP, TMP



Changing Security Policies

Systems administrators can adjustcurrent policies or create new policiesvia new code groups

.NET Framework Configuration Tool(MMC snap-in)

Caspol (Command line)

Policies may be set at application,user, machine, and enterprise levels.



Programmatic access

APIs to access code access securitysystem

Refuse unnecessary permissions

Refuse to run if not granted necessarypermissions

Check to see if granted a permission andtweak app behavior based on response



Partially Trusted ASP.NET

Coming in version 1.1… For shared IIS 5.0 server, use CAS

Isolate apps running in same process

Set permissions on virtualized resources

For shared IIS 6.0 server, use CAS

Isolate apps you choose to run in same

process Set permissions on virtualized resources



Trustworthy Computing

External review, penetration testing Foundstone, CORE Security

Technologies

Foundstone’s “Security in theMicrosoft .NET Framework”: “Used appropriately, we believe that the

.NET Framework is one of the bestplatforms for developing enterprise and

Web applications with strict securityrequirements.”

Ongoing internal security reviews &testing



STPP and the .NET Framework

Windows Update + Patch Roll-ups Help customers get patches they need ASAP

2 Service Packs shipped to date



The .NET Framework in Curriculum

Multi-language runtime environment Use the language you like

Access the same class libraries to do similartasks

Use a powerful IDE to access easy-to-uselearning tools

Visual Studio .NET Academic

Experience programming with .NET bybuilding your own Terrarium creature atthe Hands-On Lab (Booth #301)



Microsoft Resources for Faculty

MSDN Academic Alliance

New program from Microsoft

Software for computer science courses

Annual membership fee of $799 per

department Membership runs from July-June

Web site that supports program:(www.msdnaa.net)

Visual Studio .NET Academic

All the features of Visual Studio .NETProfessional plus Course Management

Tools



Questions?

More info at:http://msdn.microsoft.com/net/security

Dotnet Framework Security Talk 2

Documents

Transcript of Dotnet Framework Security Talk 2