
Code Access Security


Presentation Transcript


  1. Code Access Security Ami Dudu Software architect IDF xdim@netvision.net.il

  2. Agenda • Goals • Evidence-Based security • Security policy • Permission classes • Role-based Security • Common Interfaces\BaseClasses • Implementing your own classes

  3. Goals • Ensures that code can access only the resources it has the right to access • Allows security policy to control the resources that code has access to, based on: • Where the code comes from • Other aspects of the code’s identity • Allows programmers to specify the resources that their code • Must be able to access in order to run effectively • Could optionally access • Should not be able to access

  4. Possibilities • Secure our libraries • Defend our servers more effectively • Writing application using RBS • And more…

  5. Evidence-Based security • Set of information about the identity and origin of an assembly • Used by the .NET Framework security system at load time to determine the permissions an assembly receives • Evidence includes things such as Strong-Name, Signature, Code Location, Zone and can also be custom-defined

  6. Security policy • Storage of the security permissions • Policy levels: enterprise, machine, user • Each level consists of a collection of hierarchical code groups, and each code group has a set of permissions (file system, registry, environment variables etc.) • The final permission set is the union within a level and the intersection between levels

  7. Security Policy

  8. [Diagram: calculating the level permission for C:\foo.dll (SN=0x00.., Hash=00..). Code groups shown: All Code → Nothing; Zone=My Computer → Full trust; Zone=Local Intranet → IO Permission; SN=0xD1… → Full trust; Hash=01… → Events Permission; Hash=04… → UI Permission; Hash=00… → Events Permission. Union: Full trust]

  9. [Diagram: calculating the level permission for http://www (SN=0xD1.., Hash=00..). Same code groups as on slide 8. Union: Full trust]

  10. [Diagram: calculating the level permission for C:\foo.dll (SN=0xD1.., Hash=01..). Same code groups as on slide 8. Union: Full trust]

  11. Playing with rights

  12. Permissions • Permissions represent the right to interact with a given resource • Examples: FileIO Registry Environment Socket Reflection Directory Services Printing SQLClient Message Queue Event Log DNS And more…

  13. Declarative Demands • Specify security check using attributes • Permission state must be known at compile time • Can be viewed with PermView SDK Tool or Ildasm

      // requires: using System.Security.Permissions;
      // The demand is evaluated before the method body runs.
      [FileIOPermission(SecurityAction.Demand, Write = @"C:\Temp")]
      private void TryToCreateAFile()
      {
          // create a file
      }

  14. SecurityAction Enum • Demand – All callers higher in the call stack are required to have been granted the permission specified by the current permission object • LinkDemand – The immediate caller is required to have been granted the specified permission • Assert – The calling code can access the resource identified by the current permission object, even if callers higher in the stack have not been granted permission to access the resource • And More…

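  15. Imperative Demands • Allows security checks to vary by control flow or method state

      // requires: using System.Security.Permissions;
      private void foo(string FilePath, string FileName)
      {
          // The path is only known at run time, so the demand is built in code.
          FileIOPermission filePerm = new FileIOPermission(FileIOPermissionAccess.Write, FilePath);
          filePerm.Demand(); // throws SecurityException if a caller lacks the permission
          // rest of the method
      }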

  16. Permission classes methods • Demand • Union • Intersect • Assert • RevertAssert • And more…

  17. Work with permissions

  18. Role-based security • Role-Based security allows access to code and resources based on: • The user’s Identity • The roles or groups to which the user belongs • Role-Based security is based on Principals and Identities classes

  19. Role-based security • Identity information typically consists of the user name and the roles associated with the user • In the .NET Framework, the identity encapsulates the user’s login name, and the principal encapsulates the user’s role membership information • The .NET Framework supports identity and principal for the Microsoft Windows user and group information, or custom identity and principal

  20. Role-based security

  21. Common Interfaces\BaseClasses • ISecurityEncodable • FromXml, ToXml (SecurityElement) • IPermission • Copy, Demand, Intersect, IsSubsetOf, Union • IUnrestrictedPermission • IsUnrestricted • CodeAccessPermission as BaseClass • PermitOnly, Deny, RevertXXX

  22. Implementing your own classes

  23. Possibilities • Secure our libraries • Defend our servers more effectively • Writing application using RBS • And more…

  24. Questions ?
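
The rule on slide 6 (union within a policy level, intersection between levels), worked through with the framework's own PermissionSet type. This is an added example, not code from the presentation; it targets the .NET Framework, and the code groups, their permission sets and the C:\Temp path are constructed for illustration.

```csharp
using System;
using System.Security;
using System.Security.Permissions;

static class PolicyResolutionDemo
{
    // Build a permission set from individual permissions.
    static PermissionSet Set(params IPermission[] perms)
    {
        var ps = new PermissionSet(PermissionState.None);
        foreach (IPermission p in perms) ps.AddPermission(p);
        return ps;
    }

    // Within one policy level: union of every code group the evidence matched.
    static PermissionSet ResolveLevel(params PermissionSet[] matchedGroups)
    {
        var granted = new PermissionSet(PermissionState.None);
        foreach (PermissionSet g in matchedGroups) granted = granted.Union(g);
        return granted;
    }

    // Across levels: intersection. Intersect returns null when nothing is shared.
    static PermissionSet IntersectLevels(params PermissionSet[] levels)
    {
        var result = new PermissionSet(PermissionState.Unrestricted);
        foreach (PermissionSet level in levels)
            result = result.Intersect(level) ?? new PermissionSet(PermissionState.None);
        return result;
    }

    static void Main()
    {
        // Constructed permission sets for hypothetical code groups.
        var fullTrust = new PermissionSet(PermissionState.Unrestricted);
        var nothing = new PermissionSet(PermissionState.None);
        var io = Set(new FileIOPermission(FileIOPermissionAccess.Read, @"C:\Temp"));
        var ui = Set(new UIPermission(PermissionState.Unrestricted));

        PermissionSet enterprise = ResolveLevel(fullTrust);     // All Code -> Full trust
        PermissionSet machine = ResolveLevel(nothing, io, ui);  // All Code plus two matches
        PermissionSet user = ResolveLevel(nothing, io);         // user level is narrower

        PermissionSet final = IntersectLevels(enterprise, machine, user);
        Console.WriteLine("Machine level grant:\n" + machine);
        Console.WriteLine("Final grant:\n" + final);
        Console.WriteLine("Full trust? " + final.IsUnrestricted());
    }
}
```

The UI permission granted at machine level does not survive, because the user level never grants it: a narrower level can only reduce the final grant.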
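
Role-based checks as described on slides 18 and 19, using a custom identity and principal with both the declarative and the imperative demand style from slides 13 and 15. This is an added example, not code from the presentation; it targets the .NET Framework, and the user names and role names are constructed.

```csharp
using System;
using System.Security;
using System.Security.Permissions;
using System.Security.Principal;
using System.Threading;

static class RoleBasedDemo
{
    // Declarative check: the runtime demands the role before the method body runs.
    [PrincipalPermission(SecurityAction.Demand, Role = "Manager")]
    static void ApprovePayment()
    {
        Console.WriteLine("payment approved");
    }

    // Imperative check: the required role is chosen at run time.
    static bool IsAllowed(string requiredRole)
    {
        try
        {
            // A null name means "any authenticated user in this role".
            new PrincipalPermission(null, requiredRole).Demand();
            return true;
        }
        catch (SecurityException)
        {
            return false;
        }
    }

    // Attach a custom identity (name) and principal (roles) to the current thread.
    static void RunAs(string user, params string[] roles)
    {
        Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity(user), roles);
        Console.WriteLine(user + " in Manager: " + IsAllowed("Manager"));
        try { ApprovePayment(); }
        catch (SecurityException) { Console.WriteLine("payment denied for " + user); }
    }

    static void Main()
    {
        RunAs("dana", "Clerk");            // constructed user without the role
        RunAs("noa", "Clerk", "Manager");  // constructed user with the role
    }
}
```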
