.NET Developer Platform Security Solutions
Table of Contents
(NOTE: Each chapter concludes with a Summary.)
Introduction.
I. INTRODUCTION TO THE .NET DEVELOPER PLATFORM SECURITY.
1. Common Security Problems on the Internet. Problems with Securing Mobile Code.
Downloaded Executables.
Source Code.
Scripts.
Java Applets.
ActiveX Controls.
Writing Secure Applications.
Insecure Default Configurations.
Buffer Overflows.
Canonicalization Errors.
Information Leaks.
Denial-of-Service Vulnerabilities.
2. Introduction to the Microsoft .NET Developer Platform. Tight Language Interoperability.
Metadata.
JIT Compilation.
Garbage Collection.
Object-Oriented Programming.
Code Access Security.
Base Class Library.
Native Code Interoperability.
3. .NET Developer Platform Security Solutions. Fundamental Security Benefits from the .NET Framework.
Managing Code Execution.
Additional Security Enforcement.
Mobile Code Solutions with the .NET Framework.
Direct Execution.
Browser-Hosted Controls.
Networked Computing with the .NET Framework.
Insecure Default Configurations.
Buffer Overflows.
Canonicalization Errors.
Information Leaks.
Denial-of-Service Vulnerabilities.
II. CODE ACCESS SECURITY FUNDAMENTALS.
4. User- and Code-Identity-Based Security: Two Complementary Security Paradigms. A Little Anatomy of Computer Security Systems.
A Review of User-Identity-Based Security.
Entering a New Paradigm: Code-Identity-Based Security.
How User- and Code-Identity-Based Security Systems Complement Each Other.
5. Evidence: Knowing Where Code Comes From. Evidence Explained.
Evidence Applies to Executing Code.
Evidence Is Applied to Assemblies and App Domains.
Different Sources of Evidence.
Host-Provided Evidence.
Assembly-Provided Evidence.
Evidence and the Base Class Library.
6. Permissions: The Workhorse of Code Access Security. Permissions Explained.
Code Access Permissions.
Identity Permissions.
Other Permissions.
How Permissions Are Used.
Permissions and Security Policy.
Permission Demands.
Other Security Actions.
Declarative and Imperative Security.
Built-in Permissions.
Permission Sets.
7. Walking the Stack. A Review of Stacks and Their Uses.
The Security Stack Walk.
Modifying a Stack Walk.
The Interaction of App Domains with Stack Walks.
8. Membership Conditions, Code Groups, and Policy Levels: The Brick and Mortar of Security Policy. Membership Conditions.
Membership Conditions and Evidence.
Membership Conditions Provided by the .NET Framework.
Writing Custom Membership Conditions.
Code Groups.
Code Group Construction.
Code Group Hierarchies.
Code Groups Provided by the .NET Framework.
Code Group Extensibility.
Policy Levels.
Policy Level Contents.
The Four Policy Levels.
Working with Policy Levels.
Default Security Policy.
Enterprise and User Policy.
Machine Policy.
9. Understanding the Concepts of Strong Naming Assemblies. Assemblies and Identity.
Public/Private Key Pairs.
Signing and Verifying Assemblies.
Delay Signing Assemblies.
Comparison with Authenticode Signatures.
10. Hosting Managed Code. What Does Hosting Mean?
Containing Assemblies Through the Use of Appdomains.
Controlling Trust Within the Hosted Environment.
Dealing with Assembly-Sharing Issues.
Using Appdomains to Secure Unmanaged Clients.
11. Verification and Validation: The Backbone of .NET Framework Security. Review of the Anatomy of an Assembly.
PE File Format and Metadata Validation.
PE File Format Validation.
Metadata Validation.
IL Validation and Verification.
IL Validation.
Verifiability and Type Safety.
Repercussions of Writing Unverifiable Code.
Code Access Security's Dependence on Validation and Verification.
12. Security through the Lifetime of a Managed Process: Fitting It All Together. Development-Time Security Considerations.
Deployment-Time Security Issues.
Execution-Time Security Issues.
Loading an Assembly.
Resolving Policy for an Assembly.
Loading Classes from an Assembly.
Just-In-Time Verification and Compilation of Methods.
Execution-Time Permission Enforcement.
III. ASP.NET AND WEB SERVICES SECURITY FUNDAMENTALS.
13. Introduction to ASP.NET Security. New Security Features in ASP.NET—And How to Use Them.
Forms Authentication.
Using Impersonation in ASP.NET.
Passport Authentication.
Authentication for Web Services.
Code Access Security and ASP.NET.
14. Authentication: Know Who Is Accessing Your Site. ASP.NET Authentication and IIS Authentication.
Overview of IIS Authentication.
ASP.NET Authentication Settings.
Default IIS Settings.
Using CLR Role-Based Security in Windows.
Using ASP.NET Forms Authentication.
Using Impersonation and Delegation in ASP.NET.
15. Authorization: Control Who Is Accessing Your Site. File and Directory Access Control Lists (ACLs).
Using URL Authorization to Allow or Limit Access.
Using Programmatic Authorization to Determine Who Is Attempting to Access Your Site.
16. Data Transport Integrity: Keeping Data Uncorrupted. Implementing SSL Encryption and HTTPS.
More About Certificates—Options and Installing.
Considerations for Web Services.
Encryption of Individual Data Elements—An Overview.
Remoting and Encryption via Sinks—An Overview.
IV. .NET FRAMEWORK SECURITY ADMINISTRATION.
17. Introduction: .NET Framework Security and Operating System Security. A Roadmap for Administering the Security Context of Managed Code.
The Code Access Security Policy System.
Windows Security.
Internet Explorer Security Settings.
ASP.NET Security Settings.
Database Server Security Mechanisms.
A Different Angle: Security Systems Involved in Common Managed Code Execution Scenarios.
.NET Framework Security and Operating System Security Settings.
Windows Access Control Protections and .NET Framework Security.
Windows Software Restriction Policies and .NET Framework Security.
18. Administering Security Policy Using the .NET Framework Configuration Tool. Before Making Any Security Policy Change: Administration Strategies.
Do You Have to Change Policy at All?
Think of the Worst Case Scenario.
Make the Policy Change with the Least Possible Impact.
Pre-Plan the Policy Structure of Your System.
Consider the Interaction with Operating System Settings.
Document Your Changes.
Introduction to the .NET Framework Configuration Tool.
Availability of the Tool.
Starting the Tool.
Overview of the Main Security Administrative Options.
Overview of the Policy Tree Manipulation Options.
Exiting the Tool.
Increasing Trust for an Assembly or Software Publisher Using the Trust Assembly Wizard.
The Start Page—Choosing to Make Changes to User or Machine Policy.
Selecting the Assembly or Software Publisher to Increase Trust.
Increasing Trust Just for a Selected Assembly or for All Assemblies Signed by the Same Software Publisher.
Choosing a Level of Trust.
Finishing the Wizard.
Changing Trust for a Zone Using the Adjust Security Wizard.
Choosing to Make Changes to the Machine or User Policy.
Choosing a Level of Trust for a Zone.
Manipulating the Security Policy Tree Directly—Basic Techniques.
Policy Level Features.
Code Group Hierarchy.
Administrating Permission Sets.
Policy Assemblies.
Undoing a Change in the Policy Tree.
Testing Security Policy Using the Evaluate Assembly Wizard.
Modeling Policy Changes Using Open and New.
Creating a New Policy Level.
Opening a Policy Level Configuration File.
Deploying Security Policy.
Creating Security Policy Deployment Packages.
Deployment Methods.
Resetting Security Policy.
The .NET Framework Configuration Tool's Self Protection Mechanism.
Administrative Tactics: Scenarios, Solutions, Hints, and Tricks.
Granting Enterprise-Wide Full Trust to an Assembly.
Granting Full Trust to All Assemblies of a Software Publisher Across an Enterprise.
Preventing an Assembly from Running Across an Enterprise.
Preventing All Assemblies of a Specific Software Publisher from Running Across an Enterprise.
Reducing the Level of Trust for All Assemblies from the Intranet for a Specific Machine.
Granting All Assemblies from a Specific Intranet Share or Mounted Drive Full Trust on a Machine.
Disallowing All Assemblies from a Specific Internet Site to Run on a Machine.
“Sandboxing” a Directory on the Local Hard Drive.
Giving All Assemblies of a Specific Software Publisher Running from the Internet File Read Rights to a Specific Directory.
Changing One's User Level Policy to Disallow Intranet Assemblies to Do Anything But Execute.
19. Administering .NET Framework Security Policy Using Scripts and Security APIs. Using Batch Scripts for Security Policy Administration.
Finding and Starting the Caspol Tool.
Basic Caspol Techniques.
Caspol in Action—Scripts, Hints, and Tricks.
Changing Security Policy by Programming Directly to the Security APIs.
Overview of the Security Classes Used for Policy Changes.
Examples of Using the Security Classes for Accessing and Changing Policy.
20. Administering an IIS Machine Using ASP.NET. XML-Based Configuration Files.
Hierarchy of .NET Configuration Files.
Attributes and Settings.
The <authentication> Element.
The <authorization> Element.
The <browserCaps> Element.
The <clientTarget> Element.
The <compilation> Element.
The <customErrors> Element.
The <globalization> Element.
The <httpHandler> Element.
The <httpModule> Element.
The <httpRuntime> Element.
The <identity> Element.
The <machineKey> Element.
The <pages> Element.
The <securityPolicy> Element.
The <sessionState> Element.
The <trace> Element.
The <trust> Element.
The <webServices> Element.
Using Custom Attributes and Settings.
IIS Security Settings—A Refresher.
21. Administering Clients for .NET Framework Mobile Code. Default Security Policy and Mobile Code.
Default Security Policy's Impact on Mobile Code.
How to Expand Mobile Code Scenarios.
Limitations on Calling Strong Named Components.
Running Mobile Code in Internet Explorer.
ActiveX Controls and Managed Controls.
Different Ways to Run Managed Code in Internet Explorer.
22. Administering Isolated Storage and Cryptography Settings in the .NET Framework. Administering Isolated Storage.
Using Storeadm.exe to Administer Isolated Storage.
Using the Isolated Storage APIs to Administer Isolated Storage.
Using the IsolatedStoragePermission to Govern Code Access to Isolated Storage.
Administering Cryptography Settings.
Overview of the Cryptography Configuration Settings.
Default Mappings.
Modifying Cryptography Configuration.
V. .NET FRAMEWORK SECURITY FOR DEVELOPERS.
23. Creating Secure Code: What All .NET Framework Developers Need to Know. Security and the Developer.
Structure of the .NET Framework Security System.
Limitations of the .NET Framework Security System.
24. Architecting a Secure Assembly. Thinking Like a Security Expert: How to Improve the Security of Your Designs from Day One.
Paranoia: Designing Defensively for the Worst-Case Scenario.
Conservatism: Limiting the Scope of Your Design to Reduce the Likelihood of Security Flaws.
If All Else Fails.
Don't Throw It All Away.
25. Implementing a Secure Assembly. Using Existing Security Mechanisms.
Using Imperative Security.
Using Declarative Security.
Allowing Untrusted Callers.
Identity Demands and Their Uses.
Implementing Your Own Permissions.
Implementing a Security Custom Attribute.
Working with Strong Names.
Strong Name Key Pair Generation.
Building Strong Names into Your Assemblies.
Coping with Signature Invalidation During the Build Process.
Using Delay Signed Assemblies.
26. Testing a Secured Assembly. Determining What Is Being Protected.
Conceptual Resources.
Access Points in a Secured Assembly to a Resource.
Determining How Resource Protection Is Implemented.
Testing Any Applied Custom Permissions.
Testing the Key Methods of a Custom Permission That Interface with the Security System.
Testing Imperative Use of a Custom Permission.
Testing Declarative Use of a Custom Permission.
Other Miscellaneous Issues with Custom Permissions.
Testing the Methods and Properties That Should Be Protected.
Checking Minimal Protection on Methods and Properties.
Testing If Undocumented Protection Exists on Methods and Properties.
27. Writing a Secure Web Site Using ASP.NET. Designing a Secure Web Site.
Authentication Choices.
Authorization Choices.
Channel Options.
Possible Attack Scenarios.
Implementing a Secure Web Site.
Protected Modules.
Using Application Logs to Uncover Security Breaches.
28. Writing a Secure Web Application in the .NET Development Platform. ASP.NET with Remoting Versus Web Services.
The Case for Using ASP.NET with Remoting.
The Case for Using Web Services.
Authentication and Authorization Without IIS.
Using a SQL Server Database for Authentication.
29. Writing a Semi-Trusted Application. Restrictions on Libraries That Can Be Called.
Assemblies with APTCA.
Libraries with Known Permission Requirements.
Making Permission Requests.
Protecting Data.
Data Persisted to Disk.
Data Stored in Memory.
Data Sent on the Network.
Being Careful About What Code Gets Executed.
LinkDemands and Inheritance.
Virtual, Internal Methods.
Delegates and Stack Walks.
Loading Assemblies.
Exceptions and Filters.
Race Conditions.
Being Aware of Permissions at Runtime.
Using SecurityManager.IsGranted.
Dealing with SecurityExceptions.
30. Using Cryptography with the .NET Framework: The Basics. Setting the Stage: Key Definitions and Scenarios in Cryptography.
Ensuring Confidentiality with Symmetric Algorithms.
Ensuring Confidentiality with Asymmetric Algorithms.
Using Cryptographic Hash Functions for Message Integrity and Authentication.
Keyed Hash Functions.
Digital Signatures: Authentication and Integrity Using Asymmetric Algorithms.
The Cryptographic Object Model of the .NET Framework.
Operating on Streams: CryptoStreams and ICryptoTransforms.
Using Symmetric Algorithms.
The SymmetricAlgorithm Base Class.
Creating Instances of SymmetricAlgorithm Classes.
Encrypting and Decrypting with ICryptoTransforms Created from a SymmetricAlgorithm.
Using Cryptographic Hash Functions.
Creating HashAlgorithm Objects.
Computing Hash Values Using the ComputeHash() Methods.
Computing Hash Values of Streaming Data Using a CryptoStream.
Using Keyed Hash Functions.
Random Number Generation and Key Derivation.
Generating Pseudo-Random Numbers.
Deriving Keys from User Input.
Using Asymmetric Algorithms.
31. Using Cryptography with the .NET Framework: Advanced Topics. Working with CryptoAPI 1.0.
The CryptoAPI Provider Model: Cryptographic Service Providers and Key Containers.
Accessing Specific Providers and Key Containers from the .NET Framework Using the CspParameters Structure.
Calling CryptoAPI 1.0 Functions Directly Using Platform Invoke.
Cleaning Up: Deleting Keys and Key Containers.
Working with CryptoAPI 2.0.
Finalization Versus Explicit Destruction via IDisposable.
Extending the .NET Framework's Cryptography Classes and the Cryptographic Configuration System.
32. Using Cryptography with the .NET Framework: Creating and Verifying XML Digital Signatures. XMLDSIG Design Principles and Modes of Use.
The Structure of an XMLDSIG Signature.
The ds:Signature Element.
The ds:SignatureValue Element.
The ds:SignedInfo Element.
The ds:Reference Element.
The ds:KeyInfo Element.
Creating XMLDSIG-Compliant Signatures Using the .NET Framework.
Verifying an XMLDSIG Signature.
Extending System.Security.Cryptography.Xml for Custom Processing.
Index
Preface
Welcome! The book you hold in your hands is a comprehensive guide and roadmap to the security infrastructure of the Microsoft .NET Framework. The .NET Framework is Microsoft's new cross-language development environment for building rich client applications and XML Web Services. One of the key features of the .NET Framework is a robust security infrastructure that provides developers, administrators, and users with new levels of control over code that executes on their systems.
Whether you are a developer, administrator, or end user, this book will help you make the most of the .NET Framework security system and create, control, deploy, and use secure .NET applications.
Demystifying .NET Framework Security
Our primary goal in writing this book is to explain the .NET Framework security system in detail and make it easy to understand. As a group, the authors have over 10 years of combined experience as members of the .NET Framework security product team at Microsoft. We have gathered together in this book our combined advice, experience, and wisdom to help you make the .NET Framework security system best serve your needs. We hope that you will find this book useful not only as an introduction to the fundamental security features of the .NET Framework but also as a frequent desktop reference as you author or administer applications.
This book is designed to serve the security needs of .NET developers, administrators, and end users. Developers who are currently writing code in one or more .NET languages (or planning to start a coding project) will find detailed instructions on how to perform security checks, how to write code conforming to the "principle of least privilege," and how to include security in your software architectures from the outset. For example, we will teach you how to use cryptographic strong names to protect your programs from outside modification and guarantee that they run with the same shared libraries with which you intended for them to run. We will also demonstrate how to create "semipublic" application programming interfaces (APIs) that can only be called by identities you specify. Debugging security exceptions and interpreting the data returned by the Common Language Runtime when your code is denied access to some protected operation are also covered in this book. Everything you need to know to develop secure components and applications is contained herein.
If you are an administrator, you will find in the following chapters detailed examples showing how to modify security policy to tighten or loosen it as needed for your particular environment. We will walk you through all the common policy modification scenarios and show you how you can configure an entire enterprise from one location through the use of the .NET Framework's security configuration tool and the Windows Active Directory. We will also explain ASP.NET configuration for deploying secure Web Services with authentication and authorization customized to fit your needs.
For end users, our primary task in this book is to demonstrate how you can control the security behavior of .NET Framework applications running on your machine. Depending on your particular situation, you may need to administer portions of your security configuration to allow or refuse rights to particular applications. You may have encountered a security exception while executing an application and want to know why that exception occurred. You might also be trying to use a Web Service and need to understand its security requirements. All of these topics are covered in this book.
What Do You Need to Know Prior to Reading This Book?
We assume that if you are reading .NET Framework Security, you are already familiar with the .NET Framework, the Common Language Runtime, and one or more .NET programming languages (C++, C#, Visual Basic .NET, and so on). Nearly all of the examples in this book are written in the C# programming language, so some basic familiarity with C# will help you learn the most from the sample code. Every sample in this book could just as easily have been written in Visual Basic .NET, or any of the other languages that compile to MSIL and run on top of the Common Language Runtime, so what you learn from the samples will be immediately applicable in your particular programming environment.
Some specific chapters in this book assume additional topic-specific knowledge. For example, the two chapters that discuss the cryptography classes in the .NET Framework (Chapter 30, "Using Cryptography with the .NET Framework: The Basics," and Chapter 31, "Using Cryptography with the .NET Framework: Advanced Topics") assume that you already have a basic understanding of cryptography. The chapters describing the security features of ASP.NET (Chapters 13 through 16) assume that the reader has previous exposure to the core features of ASP and/or ASP.NET. Chapter 18 ("Administering Security Policy Using the .NET Framework Configuration Tool") assumes basic familiarity with the Microsoft Management Console (MMC), because the .NET Framework Configuration tool is an MMC "snap-in" that works alongside other MMC-based configuration tools, such as the Device Manager.
What Software Will You Need to Complete the Examples Provided with This Book?
At a minimum, you will need to have the .NET Framework Software Development Kit (SDK) installed on your computer to compile and run the samples shown throughout this book. The .NET Framework SDK includes the Common Language Runtime, the .NET Framework class libraries, command-line compilers, and administration tools. You can install the .NET Framework SDK on any of the following versions of the Windows operating system: Windows NT 4.0 (with Service Pack 6a), Windows 2000 (at least Service Pack 2 recommended) or Windows XP Professional. The .NET Framework SDK can be downloaded for free from the Microsoft Developer Network Web site at http://msdn.microsoft.com/net/.
Some of the examples in this book demonstrate solutions using Visual Studio .NET. Visual Studio .NET is Microsoft's premier integrated development environment (IDE) for writing programs on top of the .NET Framework. Visual Studio .NET includes the Visual Basic .NET, Visual C# .NET, and Visual C++ .NET compilers, an integrated editor, graphical debugger, design-time wizards, and other supporting tools. Visual Studio .NET is available in three product flavors--Professional, Enterprise Developer, and Enterprise Architect. (Note that if you are a member of the Microsoft Developer Network (MSDN), your subscription may already include Visual Studio .NET.) Complete product information for Visual Studio .NET may be found on the Web at http://msdn.microsoft.com/vstudio/.
NOTE
Although the .NET Framework SDK is only available for Windows NT 4.0, Windows 2000, and Windows XP Professional, the .NET Framework Redistributable is available for Windows 98, Windows Millennium Edition, and Windows XP Home Edition in addition to the platforms supported by the SDK. Programs written on top of the .NET Framework require only that the Redistributable be present to run. Thus, while you need to run Windows NT 4.0, Windows 2000, or Windows XP Professional to develop .NET Framework programs, those programs can run on any of the platforms supported by the Redistributable.
Visual Studio .NET is currently available on the same platforms as the .NET Framework SDK--Windows NT 4.0 (Workstation and Server), Windows 2000 (Professional and Server), and Windows XP Professional.
How This Book Is Organized
We have arranged the content of this book into five broad sections. Each section is aimed at answering questions and providing examples for one or more of our core constituencies--developers, administrators, and end users. Because this book is intended to serve in part as a comprehensive reference guide to the .NET Framework security infrastructure, we recognize that each reader will be interested in different portions of the book and not everyone will need to read every chapter. We encourage everyone to begin by reading the three chapters that comprise Part I of the book (Chapters 1-3); they provide an introduction to the .NET Developer Platform, common security problems on the Internet, and an overview of how the .NET Framework security system addresses those concerns. After completing Part I, you should feel free to jump around and explore this book as you explore the various security features of the .NET Framework. Each chapter of the book (with a few noted exceptions) is designed to stand alone, so it is not necessary to read the book straight through.
The following is a quick summary of the contents of each of the five parts of the book:
- Part I: Introduction to the .NET Developer Platform Security--The first part of the book, Chapters 1 through 3, introduces the Microsoft .NET Developer Platform, describes important general features of the platform, and provides an overview of the key security feature. We recommend that everyone read the chapters in this part first to provide common background material for the topic-specific discussions in the remainder of the book.
- Part II: Code Access Security Fundamentals--Part II of the book details the architecture of the .NET Framework's "evidence-based security" model. Chapter 4, "User- and Code-Identity-Based Security: Two Complementary Security Paradigms," describes how the Framework's security system, which is based on code identity, builds on and complements the Windows NT/2000/XP security model that is based on user identity. The core elements of the evidence-based security model--evidence, permissions, stack-walking and policy objects--are detailed in Chapters 5 through 8. Chapter 9, "Understanding the Concepts of Strong Naming Assemblies," introduces strong names, a new technology that provides cryptographically secured unique namespaces for assemblies you author. Hosting the Common Language Runtime in your own programs is described in Chapter 10, "Hosting Managed Code." Type-safety verification, a key feature of MSIL and many languages that run on top of the .NET Developer Platform, is discussed in Chapter 11, "Verification and Validation: The Backbone of .NET Framework Security." Finally, Chapter 12, "Security Through the Lifetime of a Managed Process: Fitting It All Together," provides a "walk-through" of the security decisions and processes that occur while designing, developing, deploying, and running a .NET Framework application.
- Part III: ASP.NET and Web Services Security Fundamentals--Part III of this book concerns server-side security, specifically the security features of ASP.NET and Web Services. A brief introduction to the new features of ASP.NET is provided in Chapter 13, "Introduction to ASP.NET Security." Authentication and authorization in the ASP.NET model are discussed in Chapter 14, "Authentication: Know Who Is Accessing Your Site," and Chapter 15, "Authorization: Control Who Is Accessing Your Site." Channel integrity in ASP.NET, most commonly encountered on the Web through the use of the SSL/TLS family of encryption protocols, is covered in Chapter 16, "Data Transport Integrity: Keeping Data Uncorrupted."
- Part IV: .NET Framework Security Administration--The chapters in Part IV of this book provide a comprehensive guide to administering the .NET Framework security system and ASP.NET. Whether you administer a single machine or your enterprise's entire network, these chapters will show you how to make modifications to the default security policy that is installed by the .NET Framework to meet your particular needs. Chapter 17, "Introduction: .NET Framework Security and Operating System Security," introduces the major components of .NET Framework security policy--code access security policy, ASP.NET configuration, Internet Explorer security settings, and Windows security configuration--and how they interact with one another. Chapter 18, "Administering Security Policy Using the .NET Framework Configuration Tool," provides a comprehensive tutorial on how to modify policy using the .NET Framework Security Configuration tool MMC snap-in. Scripting and programmatic interfaces to the security configuration system are discussed in Chapter 19, "Administering .NET Framework Security Policy Using Scripts and Security APIs." Chapter 20, "Administering an IIS Machine Using ASP.NET," covers ASP.NET configuration issues, and mobile code considerations are discussed in Chapter 21, "Administering Clients for .NET Framework Mobile Code." Configuration options for isolated storage and cryptography are contained in Chapter 22, "Administering Isolated Storage and Cryptography Settings in the .NET Framework."
- Part V: .NET Framework Security for Developers--The final section of this book, Part V, is a guide for developers who want to write secure assemblies, author secure Web sites, create semi-trusted applications, or use cryptography and XML digital signatures in their applications. All developers should read Chapter 23, "Creating Secure Code: What All .NET Framework Developers Need to Know," for an overview of security-related tasks incumbent on developers building on the .NET Framework. Chapters 24 through 26 detail the process of architecting, building, and testing a secure assembly (a component designed to be shared and called by semi-trusted code). Included in these chapters are detailed examples showing how to make declarative and imperative security checks in your own code, implement custom permissions, work with and leverage strong names, and test the security aspects of your implementation. Security issues relevant to ASP.NET developers are the subject of Chapter 27, "Writing a Secure Web Site Using ASP.NET," and Chapter 28, "Writing a Secure Web Application in the .NET Development Platform." Chapter 29, "Writing a Semi-Trusted Application," describes how to program defensively, including the proper use of assembly-level permission requests and isolated storage. Finally, Chapters 30 and 31 cover the cryptography features that are included in the .NET Framework, and Chapter 32, "Using Cryptography with the .NET Framework: Creating and Verifying XML Digital Signatures," discusses the classes that implement the XML digital signature standard.
Index
A
- access control
- Access Control Entry (ACE)
- Active Directory objects
- Dynamic Access Control List (DACL)
- examples
- how it works
- permission settings
- printers
- registry
- security descriptors
- services
- System Access Control List (SACL)
- Access Control Entry (ACE)
- Access Control Lists (ACLs)
- Active Directory objects
- Active Directory Users and Computers applet
- ActiveX controls
- Adjust Security Wizard
- AES (Advanced Encryption Standard)
- Allaire JServ
- AllowPartiallyTrustedCallersAttribute (System.Security namespace)
- anonymous access
- anonymous authentication
- Apache Tomcat Server
- Apple Web site
- applets
- application design and security
- application domains
- application logs
- applications
- desktop
- mobile code
- semi-trusted
- class libraries
- code execution
- definition
- networks
- permissions
- sensitive data
- ASP.NET
- Access Control Lists (ACLs)
- authentication settings
- authentication and SQL server databases
- delegation
- elements
- authentication
- authorization
- browserCaps
- clientTarget
- compilation
- customErrors
- globalization
- httpHandler
- httpModule
- httpRuntime
- identity
- iisFilter
- machineKey
- pages
- processModel
- securityPolicy
- sessionstate
- system.web
- trace
- trust
- webServices
- Forms Authentication
- impersonation
- remoting
- secure Web sites
- application logs
- attack scenarios
- authentication
- authorization
- channels
- protected modules
- URLScan
- security features
- authentication for Web services
- Code Access Security
- forms authentication
- impersonation
- overview
- passport authentication
- security settings
- Web Services
- XML
- assemblies
- AllowPartiallyTrustedCallersAttribute (System.Security namespace)
- appdomains
- assembly manifest
- browser-hosted
- declarative security
- definition
- delay signing
- direct execution
- disallowing
- from an Internet site on a machine
- to do anything but execute
- evidence
- giving all assemblies file-read rights to a directory
- granted permissions
- granting full trust
- to all assemblies on a machine
- to all assemblies of a software publisher
- to an assembly enterprise-wide
- JIT compiler/verifier
- loading
- loading classes
- manifest
- metadata
- Microsoft Intermediate Language
- mscorlib
- overview
- PE/COFF (Portable Executable/Common Object File Format)
- policies
- Policy Assemblies List
- preventing from running across an enterprise
- reducing level of trust
- resources
- security considerations
- during deployment
- during development
- during execution
- sharing
- signing
- strong names
- building into assemblies
- key pair generation
- overview
- signature invalidation
- structure
- testing secured
- trust levels
- untrusted callers
- verifying
- Assembly Loader
- assembly-level permission requests
- assembly-provided evidence
- Assert security action
- asymmetric algorithms
- asymmetric key encryption
- AsymmetricAlgorithm class
- AsymmetricSignatureDeformatter class
- AsymmetricSignatureFormatter class
- attacks
- brute force
- denial-of-service
- invalid data
- luring
- replay
- scenarios
- authentication
- anonymous
- ASP.NET settings
- Basic Authentication
- definition
- delegation
- differences from authorization
- digest
- forms
- IIS
- anonymous access
- Basic Authentication
- client certificates
- default settings
- Digest Authentication
- domain name restrictions
- Integrated Windows Authentication
- IP address restrictions
- overview
- impersonation
- Integrated Windows Authentication
- Kerberos
- message security
- passport
- role-based security
- SQL server databases
- user
- Web services
- authentication element
- AuthenticationManager class
- Authenticode signatures
- Authenticode signing
- authorization
- Access Control Lists (ACLs)
- differences from authentication
- secure Web sites
- URL Authorization
- users
- authorization element
- AsymmetricAlgorithm class
B
- backups (security policy)
- Base Class Library (BCL)
- Basic Authentication
- batch scripts
- BCL (Base Class Library)
- bounds checking
- boxing security problems in semi-trusted applications
- browser-hosted assemblies
- browserCaps element
- browsers and Secure Sockets Layer (SSL)
- brute force attacks
- buffer overflows
C
- camel casing
- canonicalization algorithms
- canonicalization errors
- CAPICOM
- CAS (Code Access Security)
- CAS permissions
- Caspol tool
- adding code groups
- adding permission sets
- analyzing problems with policy settings
- batch scripts
- changing code group properties
- changing permission sets
- commands
- cryptography settings
- deleting code groups
- deleting permission sets
- hints and tips for using
- locating
- overriding self-protection mechanism
- Policy Assemblies List
- policy change prompt
- resetting security policy
- scripts
- self-protection mechanism
- starting
- turning security off
- undoing latest policy change
- uses
- viewing current security policy settings
- CERT (Computer Emergency Response Team)
- certificates
- changing security policy
- channels
- HttpChannel class
- TcpChannel class
- ChannelServices class
- choke points
- class libraries and semi-trusted applications
- Class Loader
- classes
- AppDomain
- AsymmetricAlgorithm
- AsymmetricSignatureDeformatter
- AsymmetricSignatureFormatter
- AuthenticationManager
- ChannelServices
- CredentialCache
- CryptoConfig
- CryptoStream
- CryptoStreams
- DeriveBytes
- DSACryptoServiceProvider
- Evidence
- HashAlgorithm
- HttpChannel
- IsolatedStorage
- IsolatedStorageFile
- KeyedHashAlgorithm
- MarshalByRefObject
- NamedPermissionSet
- NetworkCredential
- PasswordDeriveBytes
- PolicyLevel
- RandomNumberGenerator
- ReflectionPermissionAttribute
- RNGCryptoServiceProvider
- RSACryptoServiceProvider
- SecurityManager
- SecurityPermission
- SignedXml
- SymmetricAlgorithm
- System.AppDomain
- System.Data.OleDb.OleDbPermission
- System.Data.SqlClient.SqlClientPermission
- System.Diagnostics.EventLogPermission
- System.Diagnostics.PerformanceCounterPermission
- System.Drawing.Printing.PrintingPermission
- System.Messaging.MessageQueuePermission
- System.Net.DnsPermission
- System.Net.SocketPermission
- System.Net.WebPermission
- System.Security.CodeAccessPermission
- System.Security.NamedPermissionSet
- System.Security.Permissions.EnvironmentPermission
- System.Security.Permissions.FileDialogPermission
- System.Security.Permissions.FileIOPermission
- System.Security.Permissions.IsolatedStorageFilePermission
- System.Security.Permissions.PrincipalPermission
- System.Security.Permissions.PublisherIdentityPermission
- System.Security.Permissions.ReflectionPermission
- System.Security.Permissions.RegistryPermission
- System.Security.Permissions.SecurityPermission
- System.Security.Permissions.SiteIdentityPermission
- System.Security.Permissions.StrongNameIdentityPermission
- System.Security.Permissions.UIPermission
- System.Security.Permissions.UrlIdentityPermission
- System.Security.Permissions.ZoneIdentityPermission
- System.Security.PermissionSet
- System.Security.Policy.CodeGroup
- System.Security.Policy.Evidence
- System.Security.Policy.MembershipCondition
- System.Security.Policy.PolicyException
- System.Security.Policy.PolicyLevel
- System.Security.SecurityElement
- System.ServiceProcess.ServiceControllerPermission
- TcpChannel
- UnionCodeGroup
- WebResponse
- WindowsIdentity
- WindowsPermission
- X509Certificate
- client certificates
- clientTarget element
- CLR (Common Language Runtime)
- Assembly Loader
- Class Loader
- managed code
- Policy Manager
- role-based security
- Windows security
- XML
- CLS (common language specification)
- code
- assemblies
- appdomains
- browser-hosted
- declarative security
- definition
- delay signed
- direct execution
- disallowing from an Internet site on a machine
- disallowing to do anything but execute
- evidence
- giving file-read rights to a directory
- granted permissions
- granting full trust
- JIT compiler/verifier
- loading
- loading classes
- manifest
- metadata
- Microsoft Intermediate Language
- mscorlib assembly
- PE/COFF (Portable Executable/Common Object File Format)
- policies
- preventing from running across an enterprise
- reducing level of trust
- resources
- security considerations
- sharing
- strong names
- testing secured
- trust levels
- untrusted callers
- evidence
- managed
- ASP.NET security settings
- Code Access Security policy system
- database server security mechanisms
- definition
- desktop applications
- Internet Explorer security settings
- mobile code applications
- Windows security
- mobile
- ActiveX controls
- calling strong named components
- downloaded executables
- expanding scenarios
- Internet Explorer
- Java applets
- scripts
- security policy
- solutions
- source code
- native
- secure
- definition
- developer's role
- levels of trust
- unmanaged
- unverifiable
- code access permissions
- Code Access Security
- basis of
- DACL settings
- features
- permissions
- assembly-level requests
- built-in
- code access
- declarative and imperative security
- demands
- identity
- interfaces
- PrincipalPermission
- security actions
- security policy
- uses
- policy engine
- policy system
- stack walks
- validation
- verification
- Windows security
- Windows Software Restriction Policies
- Code Access Security Policy tool. See Caspol tool
- code deployment
- assemblies
- delay signing
- manifest
- overview
- signing
- strong names
- structure
- verifying
- DLL Hell
- side-by-side support
- code execution, managing
- code group hierarchy
- code groups
- adding with the Caspol tool
- adding to policy levels
- changing properties
- creating
- custom
- deleting
- duplicating
- editing
- grouping
- membership conditions
- moving
- permissions
- renaming
- code-identity-based security
- CodeAccessPermission class
- Common Language Runtime (CLR)
- Assembly Loader
- Class Loader
- managed code
- Policy Manager
- role-based security
- Windows security
- XML
- common language specification (CLS)
- Common Vulnerabilities and Exposures (CVE) Project
- compilation element
- compilers and inlining
- Computer Emergency Response Team (CERT)
- computer security systems
- configuration element
- configuration files
- camel casing
- configuration element
- editing
- hierarchy
- IIS
- machine.config
- pascal case
- sectionGroups
- web.config
- attributes and settings
- custom attributes and settings
- hierarchy
- system.web element
- XML editor
- Configuration tool
- exiting
- installing
- main security administrative options
- MMC (Microsoft Management Console) requirements
- obtaining
- policy levels
- creating new
- features
- opening a configuration file
- policy tree manipulation options
- self protection mechanism
- starting
- uses
- controls (ActiveX controls)
- copying permission sets
- Create Deployment Package Wizard
- CredentialCache class
- CryptoAPI 1.0
- calling functions with platform invoke
- cryptographic service providers (CSPs)
- CspParameters structure
- deleting keys and key containers
- key containers
- pluggable-provider model
- uses
- CryptoAPI 2.0
- calling functions with platform invoke
- CAPICOM
- uses
- void* arguments
- X.509/PKIX certificates
- CryptoConfig class
- cryptographic algorithms
- asymmetric
- Digital Signature Algorithm (DSA)
- message digest
- public/private key pairs
- Rijndael
- RSA
- SHA-1 (Secure Hash Algorithm)
- symmetric
- cryptographic hash functions
- cryptographic library
- cryptographic object model
- classes
- AsymmetricAlgorithm
- AsymmetricSignatureDeformatter
- AsymmetricSignatureFormatter
- CryptoStreams
- DeriveBytes
- DSACryptoServiceProvider
- HashAlgorithm
- KeyedHashAlgorithm
- PasswordDeriveBytes
- RandomNumberGenerator
- RNGCryptoServiceProvider
- RSACryptoServiceProvider
- SymmetricAlgorithm
- extensions
- interfaces, ICryptoTransform
- object hierarchy
- random number generators
- secret key derivation
- cryptography
- asymmetric algorithms
- CryptoAPI 1.0
- calling functions with platform invoke
- cryptographic service providers (CSPs)
- CspParameters structure
- deleting keys and key containers
- key containers
- pluggable-provider model
- uses
- CryptoAPI 2.0
- calling functions with platform invoke
- CAPICOM
- uses
- void* arguments
- X.509/PKIX certificates
- definition
- digital signatures
- disposing of sensitive data
- hash functions
- scenarios
- semi-trusted applications
- streams
- symmetric algorithms
- XML digital signatures
- creating with .NET Framework
- ds:CanonicalizationMethod element
- ds:KeyInfo element
- ds:Reference element
- ds:Signature element
- ds:SignatureMethod element
- ds:SignatureValue element
- ds:SignedInfo element
- SignedXml class
- signing time
- structure
- verifying
- XMLDSIG
- cryptography settings
- administering
- Caspol
- machine.config file
- mappings
- modifying
- testing changes
- uses
- CryptoStream class
- CspParameters structure
- CSPs (cryptographic service providers)
- custom code groups
- custom permission sets
- custom permissions
- customErrors element
- CVE (Common Vulnerabilities and Exposures) Project
D
- DACL (Dynamic Access Control List)
- Data Encryption Standard (DES)
- data storage in stacks
- database servers
- databases and authentication
- DCOM
- declarative security
- default configurations
- default security policy
- delay signed assemblies
- delegates
- delegation
- deleting
- code groups
- Isolated Storage
- denial-of-service attacks
- denial-of-service vulnerabilities
- Deny security action
- deploying security policy
- Deployment Package Wizard
- deployment security issues
- DeriveBytes class
- DES (Data Encryption Standard)
- designing for security
- desktop applications
- development security issues
- Digest Authentication
- digital certificates
- Digital Signature Algorithm (DSA)
- digital signatures
- Authenticode
- public/private key pairs
- XML
- creating with .NET Framework
- detached
- ds:CanonicalizationMethod element
- ds:KeyInfo element
- ds:Reference element
- ds:Signature element
- ds:SignatureMethod element
- ds:SignatureValue element
- ds:SignedInfo element
- enveloped or embedded
- signing time
- structure
- verifying
- wrapped
- XMLDSIG
- direct execution of assemblies
- directories
- Access Control Lists (ACLs)
- sandboxing on the local hard drive
- disallowing assemblies
- from an Internet site on a machine
- to do anything but execute
- DLL Hell
- DLLs and versioning
- DnsPermission class
- documentation of security policy changes
- domain name restrictions
- Donut virus
- downloaded executables
- DSA (Digital Signature Algorithm)
- DSACryptoServiceProvider class
- ds:CanonicalizationMethod element
- ds:KeyInfo element
- ds:Reference element
- ds:Signature element
- ds:SignatureMethod element
- ds:SignatureValue element
- ds:SignedInfo element
- duplicating
- code groups
- permission sets
- Dynamic Access Control List (DACL)
E
- ECMA public key
- editing
- code groups
- configuration files
- permission sets
- elements
- authentication
- authorization
- browserCaps
- clientTarget
- compilation
- configuration
- customErrors
- ds:CanonicalizationMethod
- ds:KeyInfo
- ds:Reference
- ds:Signature
- ds:SignatureMethod
- ds:SignatureValue
- ds:SignedInfo
- globalization
- httpHandler
- httpModule
- httpRuntime
- identity
- iisFilter
- machineKey
- pages
- processModel
- sectionGroup
- securityPolicy
- sessionState
- subtags
- system.web
- trace
- trust
- webServices
- encapsulation
- encryption
- algorithms
- asymmetric key
- public key
- Secure Sockets Layer (SSL)
- sinks
- symmetric key
- EnvironmentPermission class
- Evaluate Assembly Wizard
- EventLogPermission class
- evidence
- Evidence class
- exceptions in semi-trusted applications
- executable files
- execution security considerations
- exiting Configuration tool
- extensibility of code groups
- eXtensible Markup Language (XML)
- permission sets
- permissions
- extensions in the cryptographic object model
F
- FileDialogPermission class
- FileIOPermission class
- files
- Access Control Lists (ACLs)
- configuration
- camel casing
- editing
- elements
- hierarchy
- IIS
- machine.config
- pascal case
- sectionGroups
- web.config
- XML editor
- executable
- security policy
- filters in semi-trusted applications
- firewalls
- Forms authentication
- frames (stacks)
- full trust assembly list
G
- garbage collection
- globalization element
- grant set
- granted permissions
- granting full trust to assemblies
- enterprise-wide
- on a machine
- of a software publisher
H
- hash functions
- hash-based message authentication code (HMAC)
- HashAlgorithm class
- HMAC (hash-based message authentication code)
- host-provided evidence
- hosting
- appdomains
- definition
- security responsibilities
- trust levels
- HttpChannel class
- httpHandler element
- httpModule element
- httpRuntime element
- HTTPS
I
- ICorRuntimeHost interface
- ICredentials interface
- ICryptoTransform interface
- identity element
- identity permissions
- IDisposable interface
- IE
- security settings
- updates and patches
- IEAK (Internet Explorer Administration Kit)
- IEvidenceFactory interface
- IIS (Internet Information Server)
- authentication
- anonymous access
- Basic Authentication
- client certificates
- default settings
- Digest Authentication
- domain name restrictions
- Integrated Windows Authentication
- IP address restrictions
- overview
- configuration files
- extension mapping
- Microsoft Management Console (MMC)
- Secure Sockets Layer (SSL)
- security settings
- SSL
- IIS Lockdown Tool
- iisFilter element
- IL (Intermediate Language)
- Code Access Security
- type safety
- validation
- verification
- ILASM utility
- IMembershipCondition interface
- imperative security
- impersonation
- information hiding
- information leaks
- inheritance
- InheritanceDemand security action
- inlining
- insecure default configurations
- installing Configuration tool
- Integrated Windows Authentication
- interfaces
- ICorRuntimeHost
- ICredentials
- ICryptoTransform
- IDisposable
- IEvidenceFactory
- IMembershipCondition
- IPermission
- ISecurityEncodable
- ISecurityPolicyEncodable
- IUnrestrictedPermission
- Intermediate Language (IL)
- Code Access Security
- type safety
- validation
- verification
- Internet Explorer
- mobile code
- security settings
- updates and patches
- Internet Explorer Administration Kit (IEAK)
- Internet Information Server (IIS)
- authentication
- anonymous access
- Basic Authentication
- client certificates
- default settings
- Digest Authentication
- domain name restrictions
- Integrated Windows Authentication
- IP address restrictions
- overview
- configuration files
- extension mapping
- Microsoft Management Console (MMC)
- Secure Sockets Layer (SSL)
- security settings
- SSL
- Internet Worm
- interop methods
- interoperability
- native code
- tight language
- invalid data attacks
- IP address restrictions
- IPermission interface
- ISecurityEncodable interface
- ISecurityPolicyEncodable interface
- Isolated Storage
- administering
- deleting all stores of a user
- deleting content
- permissions
- properties
- semi-trusted applications
- state
- Storeadm.exe tool
- uses
- viewing all stores of a user
- viewing content
- IsolatedStorage class
- IsolatedStorageFile class
- IsolatedStorageFilePermission class
- IsolatedStorageScope enumeration
- IUnrestricted interface
J
- Java applets
- JavaServer Pages
- JIT compilation
- JIT compiler/verifier
- jitting
- JServ (Allaire)
K
- Kerberos
- key containers (CSPs)
- key derivation
- key pairs (encryption)
- keyed hash functions
- KeyedHashAlgorithm class
- keys
- ECMA public
- public/private pairs
L
- LinkDemand security action
- listings
- choke points
- digital certificate
- evidence
- permissions
- declarative and imperative security
- XML
- security problems in classes
- XML permissions
- loading assemblies
- log files
- luring attacks
M
- machine.config file
- machineKey element
- MACTripleDES
- managed code
- ASP.NET security settings
- Code Access Security policy system
- Common Language Runtime (CLR)
- database server security mechanisms
- definition
- desktop applications
- Internet Explorer security settings
- mobile code applications
- Windows security
- managing code execution
- manifest
- marshal by reference
- marshal by value
- MarshalByRefObject class
- membership conditions
- memory in semi-trusted applications
- message digest algorithms
- message security
- authentication
- confidentiality
- cryptography
- asymmetric algorithms
- definition
- digital signatures
- hash functions
- scenarios
- symmetric algorithms
- integrity
- MessageQueuePermission class
- metadata
- metadata validation
- methods
- Microsoft Intermediate Language
- Code Access Security
- type safety
- validation
- verification
- Microsoft .NET Framework SDK
- Microsoft Passport
- Microsoft Security Web site
- Microsoft Web site
- mobile code
- ActiveX controls
- applications
- calling strong named components
- downloaded executables
- expanding scenarios
- Internet Explorer
- Java applets
- scripts
- security policy
- security zones
- solutions
- source code
- modifying cryptography settings
- modules, protected
- moving
- code groups
- permission sets
- MS IL (Microsoft Intermediate Language)
- Code Access Security
- type safety
- validation
- verification
- mscorlib assembly
N
- named permission sets
- NamedPermissionSet class
- namespaces
- System.Security
- System.Security.Cryptography.Xml
- System.Security.Permissions
- System.Security.Policy
- National Institute of Standards and Technology (NIST)
- native code
- definition
- interoperability
- Native Image Generator tool
- .NET Framework
- Base Class Library (BCL)
- benefits
- Code Access Security (CAS)
- common language runtime
- garbage collection
- JIT compilation
- metadata
- native code interoperability
- object-oriented programming
- security
- benefits
- calling the security system
- class libraries
- code identity-based security checking
- extending the security system
- limitations
- PrincipalPermission
- registry access
- SecurityPermission.ControlEvidence
- tight language interoperability
- whitepaper on secure coding guidelines
- .NET Framework SDK
- .NET Framework Wizards launcher
- NetBIOS ports
- NetworkCredential class
- networks and semi-trusted applications
- New Code Group Wizard
- NIST (National Institute of Standards and Technology)
- non-CAS permissions
- non-code access security permissions
- NTFS file system
O
- object-oriented programming
- OleDbPermission class
- operating systems
- interaction with security policy
- security mechanisms
- overriding Caspol self-protection mechanism
P
- P/Invoke methods
- pages element
- pascal case
- Passport
- passport authentication
- PasswordDeriveBytes class
- PE File Format Validation
- PE Verify
- PE/COFF (Portable Executable/Common Object File Format)
- PerformanceCounterPermission class
- permission sets
- adding
- administration
- changing
- copying
- creating
- custom
- declarative security
- deleting
- duplicating
- editing
- imperative security
- moving
- operations
- renaming
- states
- uses
- viewing
- permissions
- assembly-level requests
- built-in
- CAS
- classes
- ReflectionPermissionAttribute
- SecurityPermission
- code access
- code groups
- custom
- declarative and imperative security
- declarative security
- demands
- execution-time enforcement
- identity
- imperative security
- interfaces
- IPermission interface
- ISecurityEncodable interface
- Isolated Storage
- IUnrestrictedPermission interface
- non-CAS
- operations
- PrincipalPermission
- security actions
- security custom attributes
- security policy
- semi-trusted applications
- standard
- states
- uses
- PermissionSet class
- PermitOnly security action
- PermView utility
- PEVerify tool
- PKIs (public key infrastructures)
- platform invoke
- CryptoAPI 1.0 functions
- CryptoAPI 2.0 functions
- Platform/Invoke methods
- policies
- security
- Windows Software Restriction Policies
- policy assemblies
- Policy Assemblies List
- policy engine
- policy levels
- assemblies
- code group hierarchy
- creating new
- features
- intersecting permissions
- opening a configuration file
- permission sets
- undoing changes
- Policy Manager
- policy resolution
- PolicyLevel class
- polymorphism
- Portable Executable/Common Object File Format (PE/COFF)
- preventing assemblies from running across an enterprise
- PrincipalPermission class
- printers and access control
- PrintingPermission class
- private keys
- privileges. See permissions
- PRNGs (pseudo-random number generators)
- processModel element
- protected modules
- protecting resources
- pseudo-random number generators (PRNGs)
- public key algorithms
- public key encryption
- public key infrastructure (PKIs)
- public keys
- public/private key pairs
- PublisherIdentityPermission class
Q
- quitting the Configuration tool
R
- race conditions in semi-trusted applications
- random number generators
- RandomNumberGenerator class
- RedHat Web site
- reducing level of trust for all assemblies
- reflection
- ReflectionPermission class
- ReflectionPermissionAttribute class
- regedit32
- registry
- HKEY_Local_Machine registry key repository
- key access control settings
- RegistryPermission class
- remoting
- renaming
- code groups
- permission sets
- replay attacks
- resetting policy levels
- resetting security policy
- resources
- Rijndael algorithm
- RNGCryptoServiceProvider class
- role-based security
- RSA algorithm
- RSACryptoServiceProvider class
S
- SACL (System Access Control List)
- sandboxing a directory on the local hard drive
- SANS (System Administration, Networking, and Security)
- Scheduled Task Wizard
- scheduled tasks
- scripts
- Caspol tool
- security policy administration
- secret key ciphers
- secret key derivation
- sectionGroup element
- secure code
- definition
- developer's role
- levels of trust
- Secure Hash Algorithm (SHA-1)
- Secure Sockets Layer (SSL)
- secure Web sites
- attacks
- authentication
- authorization
- channels
- designing
- firewalls
- implementing
- log files
- NetBIOS ports
- protected modules
- SecureOffice example
- SSL
- SecureOffice Web site
- security
- actions
- application designs
- ASP.NET
- authentication for Web services
- Code Access Security
- forms authentication
- impersonation
- overview
- passport authentication
- considerations
- during deployment
- during development
- during execution
- databases
- Internet Explorer
- mobile code
- ActiveX controls
- downloaded executables
- Java applets
- scripts
- source code
- .NET Framework
- calling the security system
- class libraries
- code-identity-based security checking
- extending the security system
- limitations
- PrincipalPermission
- registry access
- SecurityPermission.ControlEvidence
- structure
- PrincipalPermission
- operating systems
- software
- software vulnerabilities
- buffer overflows
- canonicalization errors
- denial-of-service attacks
- information leaks
- insecure default configurations
- turning off
- security administration
- breaches in security
- Configuration tool
- creating a new policy level
- exiting
- installing
- main options
- MMC (Microsoft Management Console) requirements
- obtaining
- opening a policy level configuration file
- policy level features
- policy tree manipulation options
- self protection mechanism
- starting
- uses
- cryptography settings
- administering
- Caspol
- machine.config file
- mappings
- modifying
- testing changes
- uses
- disallowing assemblies
- from an Internet site on a machine
- to do anything but execute
- giving all assemblies file-read rights to a directory
- granting full trust to assemblies
- enterprise-wide
- on a machine
- of a software publisher
- Isolated Storage
- administering
- deleting all stores of a user
- deleting content
- permissions
- properties
- state
- Storeadm.exe tool
- uses
- viewing all stores of a user
- viewing content
- preventing assemblies from running across an enterprise
- reducing level of trust for all assemblies
- sandboxing a directory on the local hard drive
- strategies
- Wizards
- Adjust Security
- Create Deployment Package
- Deployment Package
- Evaluate Assembly
- New Code Group
- Trust Assembly
- security benefits of .NET Framework
- security checks
- IL validation
- IL verification
- metadata validation
- PE File Format validation
- unverifiable code
- security choke points
- security custom attributes
- security descriptors
- security policy
- backups
- changing
- changing programmatically
- APIs
- Caspol tool
- scenarios
- code groups
- corruption
- default
- deploying
- documenting changes
- file locations
- interaction with operating system settings
- machine policies
- membership conditions
- mobile code
- permissions
- policy level features
- policy levels
- code group hierarchy
- creating new
- features
- opening a configuration file
- permission sets
- policy assemblies
- undoing changes
- policy resolution
- purpose
- resetting
- setting
- structure
- testing
- Trustworthy Computing initiative
- user policies
- worst case scenarios
- security policy APIs
- administration
- classes
- NamedPermissionSet
- PolicyLevel
- SecurityManager
- UnionCodeGroup
- programming
- security policy model
- security syntax
- security vulnerabilities
- buffer overflows
- canonicalization errors
- denial-of-service attacks
- information leaks
- insecure default configurations
- resources
- CERT (Computer Emergency Response Team)
- CVE (Common Vulnerabilities and Exposures) Project
- SANS (System Administration, Networking, and Security)
- SecurityFocus
- SecurityFocus vulnerability database
- security zones
- SecurityExceptions in semi-trusted applications
- SecurityFocus vulnerability database
- SecurityManager class
- SecurityPermission class
- securityPolicy element
- semantic metadata validation
- semi-trusted applications
- class libraries
- code execution
- definition
- networks
- permissions
- sensitive data
- ServiceControllerPermission class
- services and access control
- sessionState element
- SHA-1 (Secure Hash Algorithm)
- shared assemblies
- side-by-side support
- signatures. See digital signatures
- SignedXml class
- signing assemblies
- Simple Object Access Protocol (SOAP)
- sinks
- SiteIdentityPermission class
- SN utility
- SOAP (Simple Object Access Protocol)
- SocketPermission class
- software
- security mechanisms
- security problems
- buffer overflows
- canonicalization errors
- denial-of-service attacks
- information leaks
- insecure default configurations
- Software Restriction Policies
- source code
- SQL server databases and authentication
- SqlClientPermission class
- SSL (Secure Sockets Layer)
- stack walks
- application performance
- semi-trusted applications
- stacks
- data storage
- frames
- pointers
- popping
- process layouts
- pushing
- threads
- uses
- walking the stack
- standard permissions
- starting
- Caspol tool
- Configuration tool
- Wizards launcher
- states (permissions)
- Storeadm tool
- storing data in stacks
- streams (cryptography)
- strong names
- assemblies
- building into assemblies
- key pair generation
- side-by-side support
- signature invalidation
- StrongNameIdentityPermission class
- structural metadata validation
- subtags
- Sun Web site
- switching off security
- symmetric algorithms
- symmetric key encryption
- SymmetricAlgorithm class
- System Access Control List (SACL)
- System.AppDomain class
- System.Data.OleDb.OleDbPermission class
- System.Data.SqlClient.SqlClientPermission class
- System.Diagnostics.EventLogPermission class
- System.Diagnostics.PerformanceCounterPermission class
- System.Drawing.Printing.PrintingPermission class
- System.Messaging.MessageQueuePermission class
- System.Net.DnsPermission class
- System.Net.SocketPermission class
- System.Net.WebPermission class
- System.Security namespace
- System.Security.CodeAccessPermission class
- System.Security.Cryptography.Xml namespace
- System.Security.NamedPermissionSet class
- System.Security.Permissions namespace
- System.Security.Permissions.EnvironmentPermission class
- System.Security.Permissions.FileDialogPermission class
- System.Security.Permissions.FileIOPermission class
- System.Security.Permissions.IsolatedStorageFilePermission class
- System.Security.Permissions.PrincipalPermission class
- System.Security.Permissions.PublisherIdentityPermission class
- System.Security.Permissions.ReflectionPermission class
- System.Security.Permissions.RegistryPermission class
- System.Security.Permissions.SecurityPermission class
- System.Security.Permissions.SiteIdentityPermission class
- System.Security.Permissions.StrongNameIdentityPermission class
- System.Security.Permissions.UIPermission class
- System.Security.Permissions.UrlIdentityPermission class
- System.Security.Permissions.ZoneIdentityPermission class
- System.Security.PermissionSet class
- System.Security.Policy namespace
- System.Security.Policy.CodeGroup class
- System.Security.Policy.Evidence class
- System.Security.Policy.MembershipCondition class
- System.Security.Policy.PolicyException class
- System.Security.Policy.PolicyLevel class
- System.Security.SecurityElement class
- System.ServiceProcess.ServiceControllerPermission class
- system.web element
T
- tags
- authentication
- authorization
- browserCaps
- clientTarget
- compilation
- configuration
- customErrors
- globalization
- httpHandler
- httpModule
- httpRuntime
- identity
- iisFilter
- machineKey
- pages
- processModel
- sectionGroup
- securityPolicy
- sessionState
- subtags
- system.web
- trace
- trust
- webServices
- TcpChannel class
- testing
- cryptography settings
- secured assemblies
- security policy
- threads (stacks)
- tight language interoperability
- TlbImp utility
- Tomcat Server (Apache)
- tools
- Caspol
- adding code groups
- adding permission sets
- analyzing problems with policy settings
- batch scripts
- changing code group properties
- changing permission sets
- command format and scope
- deleting code groups
- deleting permission sets
- hints and tips for using
- locating
- overriding self-protection mechanism
- Policy Assemblies List
- policy change prompt
- resetting security policy
- scripts
- self-protection mechanism
- starting
- turning security off
- undoing latest policy change
- uses
- viewing current security policy settings
- Configuration
- creating a new policy level
- exiting
- installing
- main security administrative options
- MMC (Microsoft Management Console) requirements
- obtaining
- opening a policy level configuration file
- policy level features
- policy tree manipulation options
- self-protection mechanism
- starting
- uses
- ILASM
- Native Image Generator
- PEVerify
- SN
- Storeadm
- TlbImp
- URLScan
- trace element
- Trust Assembly Security Wizard
- Trust Assembly Wizard
- trust element
- trust in hosted environments
- Trustworthy Computing initiative
- turning off security
- type safety
U
- UIPermission class
- undoing
- policy tree changes
- security policy changes
- UnionCodeGroup class
- unmanaged code
- unverifiable code
- URL Authorization
- UrlIdentityPermission class
- URLs and evidence
- URLScan tool
- user authentication
- user authorization
- user-identity-based security
- utilities
- Caspol
- adding code groups
- adding permission sets
- analyzing problems with policy settings
- batch scripts
- changing code group properties
- changing permission sets
- command format and scope
- deleting code groups
- deleting permission sets
- hints and tips for using
- locating
- overriding self-protection mechanism
- Policy Assemblies List
- policy change prompt
- resetting security policy
- scripts
- self-protection mechanism
- starting
- turning security off
- undoing latest policy change
- uses
- viewing current security policy settings
- Configuration
- creating a new policy level
- exiting
- installing
- main security administrative options
- MMC (Microsoft Management Console) requirements
- obtaining
- opening a policy level file
- policy level features
- policy tree manipulation options
- self-protection mechanism
- starting
- uses
- ILASM
- Native Image Generator
- PEVerify
- SN
- Storeadm
- TlbImp
- URLScan
V
- validation
- Code Access Security
- IL
- metadata
- PE File Format
- verification
- Code Access Security
- IL
- PE Verify
- PEVerify tool
- unverifiable code
- verifying
- assemblies
- XMLDSIG signatures
- versioning, DLLs
- viewing
- Isolated Storage
- permission sets
- Virtual Directory Creation Wizard
- viruses
- visibility of security problems in semi-trusted applications
- vulnerabilities
- buffer overflows
- canonicalization errors
- denial-of-service attacks
- information leaks
- insecure default configurations
- resources
- CERT (Computer Emergency Response Team)
- CVE (Common Vulnerabilities and Exposures) Project
- SANS (System Administration, Networking, and Security)
- SecurityFocus
- SecurityFocus vulnerability database
W
- walking the stack
- Web browsers and Secure Sockets Layer (SSL)
- Web Server Certificate Wizard
- Web Services
- authentication
- JavaServer Pages
- SOAP
- uses
- XML
- Web sites
- Apple
- Microsoft
- RedHat
- secure
- attacks
- authentication
- authorization
- channels
- designing
- firewalls
- implementing
- log files
- NetBIOS ports
- protected modules
- SecureOffice example
- SSL
- Sun
- web.config file
- attributes and settings
- custom attributes and settings
- hierarchy
- system.web element
- WebPermission class
- WebResponse class
- webServices element
- whitepaper on secure coding guidelines for .NET Framework
- Windows security
- access control
- Access Control Entry (ACE)
- Active Directory objects
- Dynamic Access Control List (DACL)
- examples
- how it works
- permission settings
- printers
- registry
- security descriptors
- services
- System Access Control List (SACL)
- Code Access Security
- Common Language Runtime (CLR)
- user authentication
- Windows Software Restriction Policies
- WindowsIdentity class
- WindowsPermission class
- Wizards
- Adjust Security
- Create Deployment Package
- Deployment Package
- Evaluate Assembly
- New Code Group
- Scheduled Task
- Trust Assembly
- Virtual Directory Creation
- Web Server Certificate
- Wizards launcher
X
- X.509/PKIX digital certificates
- X509Certificate class
- XML
- ASP.NET
- canonicalization algorithm
- permission sets
- permissions
- SOAP (Simple Object Access Protocol)
- System.Security.Cryptography.Xml namespace
- uses
- Web Services
- XPath
- XML digital signatures
- creating with .NET Framework
- detached digital signatures
- ds:CanonicalizationMethod element
- ds:KeyInfo element
- ds:Reference element
- ds:Signature element
- ds:SignatureMethod element
- ds:SignatureValue element
- ds:SignedInfo element
- enveloped or embedded
- SignedXml class
- signing time
- structure
- verifying
- wrapped
- XMLDSIG
- XML editor
- XMLDSIG
- XPath
Y
There are no entries in this section.
Z
- Zone class
- ZoneIdentityPermission class
- zones (evidence)