Building Secure Microsoft ASP.NET Applications (Paperback

Microsoft Corporation

  • 出版商: MicroSoft
  • 出版日期: 2003-02-01
  • 售價: $2,010
  • 貴賓價: 9.5$1,910
  • 語言: 英文
  • 頁數: 624
  • 裝訂: Paperback
  • ISBN: 0735618909
  • ISBN-13: 9780735618909
  • 相關分類: .NETASP.NET
  • 已過版

買這商品的人也買了...

相關主題

商品描述

 

Summary

Your guide to authentication, authorization, and secure communication.

Building secure distributed Web applications can be challenging. It usually involves integrating several different technologies and products—yet your complete application will only be as secure as its weakest link. This guide presents a practical, scenario-driven approach to designing and building security-enhanced ASP.NET applications for Microsoft® Windows® 2000 and version 1.1 of the Microsoft .NET Framework. It focuses on the key elements of authentication, authorization, and secure communication within and across the tiers of distributed .NET Web applications.

This guide focuses on:
• Authentication—to identify the clients of your application
• Authorization—to provide access controls for those clients
• Secure communication—to help ensure that messages remain private and are not altered by unauthorized parties

Who should read this guide:
Middleware developers and architects who build or plan to build .NET Web applications using ASP.NET, XML Web Services, Enterprise Services (COM+), .NET Remoting, or Microsoft ADO.NET

About “Patterns and Practices”:
Patterns & Practices contain specific recommendations illustrating how to design, build, deploy, and operate architecturally sound solutions to challenging business and technical scenarios. The technical guidance is reviewed and approved by Microsoft engineering teams, consultants, and Product Support Services, and by partners and customers.

Note: Includes complete sample on the Web.

Table of Contents

    Acknowledgements xxiii
    Preface xxv
CHAPTER 1   Introduction 1
    The Connected Landscape 1
    The Foundations 2
        Authentication 2
        Authorization 2
        Secure Communication 3
    Tying the Technologies Together 3
    Design Principles 4
    Summary 6
CHAPTER 2   Security Model for ASP.NET Applications 7
    .NET Web Applications 7
        Logical Tiers 8
        Physical Deployment Models 9
    Implementation Technologies 10
    Security Architecture 11
        Security Across the Tiers 12
        Authentication 13
        Authorization 16
        Gatekeepers and Gates 17
    Introducing .NET Framework Security 20
        Code Access Security 20
        Principals and Identities 21
        WindowsPrincipal and WindowsIdentity 23
        GenericPrincipal and Associated Identity Objects 23
        ASP.NET and HttpContext.User 24
        Remoting and Web Services 24
    Summary 25
CHAPTER 3   Authentication and Authorization Design 27
    Designing an Authentication and Authorization Strategy 28
        Identify Resources 28
        Choose an Authorization Strategy 28
        Choose the Identities Used for Resource Access 29
        Consider Identity Flow 30
        Choose an Authentication Approach 31
        Decide How to Flow Identity 31
    Authorization Approaches 32
        Role Based Authorization 32
        Resource Based Authorization 33
        Resource Access Models 33
        The Trusted Subsystem Model 33
        The Impersonation / Delegation Model 35
        Choosing a Resource Access Model 36
    Flowing Identity 38
        Application vs. Operating System Identity Flow 38
        Impersonation and Delegation 38
    Role-Based Authorization 40
        .NET Roles 40
        Enterprise Services (COM+) Roles 42
        SQL Server User Defined Database Roles 42
        SQL Server Application Roles 42
        .NET Roles versus Enterprise Services (COM+) Roles 43
        Using .NET Roles 44
    Choosing an Authentication Mechanism 47
        Internet Scenarios 49
        Intranet / Extranet Scenarios 50
        Authentication Mechanism Comparison 51
    Summary 51
CHAPTER 4   Secure Communication 53
    Know What to Secure 54
    SSL/TLS 55
        Using SSL 55
    IPSec 56
        Using IPSec 56
    RPC Encryption 57
        Using RPC Encryption 57
    Point to Point Security 58
        Browser to Web Server 58
        Web Server to Remote Application Server 59
        Application Server to Database Server 59
    Choosing Between IPSec and SSL 61
    Farming and Load Balancing 61
        More Information 61
    Summary 61
CHAPTER 5   Intranet Security 63
    ASP.NET to SQL Server 64
        Characteristics 64
        Secure the Scenario 65
        The Result 65
        Security Configuration Steps 66
        Analysis 68
        Q&A 69
        Related Scenarios 70
    ASP.NET to Enterprise Services to SQL Server 71
        Characteristics 72
        Secure the Scenario 72
        The Result 73
        Security Configuration Steps 74
        Analysis 76
        Pitfalls 77
    ASP.NET to Web Services to SQL Server 77
        Characteristics 78
        Secure the Scenario 78
        The Result 79
        Security Configuration Steps 79
        Analysis 82
        Pitfalls 84
        Q&A 84
    ASP.NET to Remoting to SQL Server 85
        Characteristics 85
        Secure the Scenario 85
        The Result 86
        Security Configuration Steps 87
        Analysis 89
        Pitfalls 90
    Flowing the Original Caller to the Database 91
        ASP.NET to SQL Server 92
        ASP.NET to Enterprise Services to SQL Server 93
        The Result 94
        Analysis 98
        Pitfalls 99
    Summary 99
CHAPTER 6   Extranet Security 101
    Exposing a Web Service 102
        Characteristics 102
        Secure the Scenario 103
        The Result 103
        Security Configuration Steps 104
        Analysis 107
        Pitfalls 108
        Q&A 108
    Exposing a Web Application 109
        Scenario Characteristics 109
        Secure the Scenario 110
        The Result 111
        Analysis 113
        Pitfalls 115
    Summary 115
CHAPTER 7   Internet Security 117
    ASP.NET to SQL Server 118
        Characteristics 118
        Secure the Scenario 119
        The Result 120
        Security Configuration Steps 120
        Analysis 122
        Pitfalls 124
        Related Scenarios 124
    ASP.NET to Remote Enterprise Services to SQL Server 125
        Characteristics 126
        Secure the Scenario 127
        The Result 128
        Security Configuration Steps 128
        Analysis 132
        Pitfalls 133
        Related Scenarios 133
     Summary 134
CHAPTER 8   ASP.NET Security 135
    ASP.NET Security Architecture 135
        Gatekeepers 137
    Authentication and Authorization Strategies 139
        Available Authorization Options 140
        Windows Authentication with Impersonation 141
        Windows Authentication without Impersonation 143
        Windows Authentication Using a Fixed Identity 145
        Forms Authentication 145
        Passport Authentication 147
    Configuring Security 147
        Configure IIS Settings 149
        Configure ASP.NET Settings 149
        Secure Resources 152
        Secure Communication 155
    Programming Security 155
        An Authorization Pattern 156
        Creating a Custom IPrincipal class 158
    Windows Authentication 159
    Forms Authentication 160
        Development Steps for Forms Authentication 162
        Forms Implementation Guidelines 165
        Hosting Multiple Applications Using Forms Authentication 166
        Cookieless Forms Authentication 166
    Passport Authentication 167
    Custom Authentication 168
    Process Identity for ASP.NET 168
        Use a Least Privileged Account 168
        Avoid Running as SYSTEM 169
        Using the Default ASPNET Account 169
    Impersonation 172
        Impersonation and Local Resources 172
        Impersonation and Remote Resources 172
        Impersonation and Threading 172
    Accessing System Resources 173
        Accessing the Event Log 173
        Accessing the Registry 174
    Accessing COM Objects 174
        Apartment Model Objects 174
    Accessing Network Resources 176
        Using the ASP.NET Process Identity 176
        Using a Serviced Component 177
        Using the Anonymous Internet User Account 178
        Using LogonUser and Impersonating a Specific Windows Identity 180
        Using the Original Caller 180
        Accessing Files on a UNC File Share 181
        Accessing Non-Windows Network Resources 181
    Secure Communication 182
    Storing Secrets 182
        Options for Storing Secrets in ASP.NET 184
        Consider Storing Secrets in Files on Separate Logical Volumes 184
    Securing Session and View State 185
        Securing View State 185
        Securing Cookies 185
        Securing SQL Session State 185
    Web Farm Considerations 188
        Session State 188
        DPAPI 188
        Using Forms Authentication in a Web Farm 188
        The <machineKey> Element 189
    Summary 190
CHAPTER 9   Enterprise Services Security 193
    Security Architecture 193
        Gatekeepers and Gates 195
        Use Server Applications for Increased Security 196
        Security for Server and Library Applications 197
        Code Access Security Requirements 197
    Configuring Security 198
        Configuring a Server Application 198
        Configuring an ASP.NET Client Application 205
        Configuring Impersonation Levels for an Enterprise Services Application 206
    Programming Security 207
        Programmatic Role-Based Security 207
        Identifying Callers 208
    Choosing a Process Identity 208
        Avoid Running as the Interactive User 208
        Use a Least-Privileged Custom Account 209
    Accessing Network Resources 209
        Using the Original Caller 210
        Using the Current Process Identity 210
        Using a Specific Service Account 211
    Flowing the Original Caller 211
        Calling CoImpersonateClient 212
    RPC Encryption 213
        More Information 213
    Building Serviced Components 213
        DLL Locking Problems 213
        Versioning 214
        QueryInterface Exceptions 215
    DCOM and Firewalls 215
        More Information 215
    Calling Serviced Components from ASP.NET 216
        Caller’s Identity 216
        Use Windows Authentication and Impersonation Within  
the Web-based Application 216
        Configure Authentication and Impersonation within Machine.config 216
        Configuring Interface Proxies 216
    Security Concepts 219
        Enterprise Services (COM+) Roles and .NET Roles 220
        Authentication 221
        Impersonation 222
    Summary 224
CHAPTER 10   Web Services Security 225
    Web Service Security Model 225
        Platform/Transport Level (Point-to-Point) Security 226
        Application Level Security 227
        Message Level (End-to-End) Security 227
    Platform/Transport Security Architecture 229
        Gatekeepers 230
    Authentication and Authorization Strategies 231
        Windows Authentication with Impersonation 231
        Windows Authentication without Impersonation 233
        Windows Authentication Using a Fixed Identity 235
    Configuring Security 236
        Configure IIS Settings 236
        Configure ASP.NET Settings 237
        Secure Resources 237
        Disable HTTP-GET, HTTP-POST 237
        Secure Communication 238
    Passing Credentials for Authentication to Web Services 238
        Specifying Client Credentials for Windows Authentication 239
        Calling Web Services from Non-Windows Clients 241
        Proxy Server Authentication 242
    Flowing the Original Caller 242
        Default Credentials with Kerberos Delegation 243
        Explicit Credentials with Basic or Forms Authentication 245
    Trusted Subsystem 248
        Flowing the Caller’s Identity 249
        Configuration Steps 249
    Accessing System Resources 250
    Accessing Network Resources 250
    Accessing COM Objects 251
        More Information 251
    Using Client Certificates with Web Services 251
        Authenticating Web Browser Clients with Certificates 252
        Using the Trusted Subsystem Model 252
    Secure Communication 255
        Transport Level Options 256
        Message Level Options 256
    Summary 256
CHAPTER 11   .NET Remoting Security 259
    .NET Remoting Architecture 259
        Remoting Sinks 260
        Anatomy of a Request When Hosting in ASP.NET 262
        ASP.NET and the HTTP Channel 263
    .NET Remoting Gatekeepers 264
    Authentication 265
        Hosting in ASP.NET 265
        Hosting in a Windows Service 266
    Authorization 267
        Using File Authorization 267
    Authentication and Authorization Strategies 268
        More Information 269
    Accessing System Resources 269
    Accessing Network Resources 270
    Passing Credentials for Authentication to Remote Objects 270
        Specifying Client Credentials 270
    Flowing the Original Caller 273
        Default Credentials with Kerberos Delegation 274
        Explicit Credentials with Basic or Forms Authentication 276
    Trusted Subsystem 280
        Flowing the Caller’s Identity 281
        Choosing a Host 282
        Configuration Steps 282
    Secure Communication 284
        Platform Level Options 284
    Choosing a Host Process 285
        Recommendation 285
        Hosting in ASP.NET 285
        Hosting in a Windows Service 286
        Hosting in a Console Application 287
    Remoting vs. Web Services 288
    Summary 289
CHAPTER 12   Data Access Security 291
    Introducing Data Access Security 291
        SQL Server Gatekeepers 293
        Trusted Subsystem vs. Impersonation/Delegation 293
    Authentication 295
        Windows Authentication 295
        SQL Authentication 301
        Authenticating Against Non-SQL Server Databases 303
    Authorization 304
        Using Multiple Database Roles 304
    Secure Communication 305
        The Options 306
        Choosing an Approach 306
    Connecting with Least Privilege 307
        The Database Trusts the Application 307
        The Database Trusts Different Roles 307
        The Database Trusts the Original Caller 308
    Creating a Least Privilege Database Account 308
    Storing Database Connection Strings Securely 310
        The Options 310
        Using DPAPI 310
        Using Web.config and Machine.config 314
        Using UDL Files 314
        Using Custom Text Files 316
        Using the Registry 316
        Using the COM+ Catalog 316
    Authenticating Users against a Database 317
        Store One-way Password Hashes (with Salt) 317
    SQL Injection Attacks 319
    Auditing 323
    Process Identity for SQL Server 324
    Summary 325
CHAPTER 13   Troubleshooting Security Issues 327
    Process for Troubleshooting 327
        Searching for Implementation Solutions 328
    Troubleshooting Authentication Issues 329
        IIS Authentication Issues 329
        Using Windows Authentication 330
        Using Forms Authentication 331
        Kerberos Troubleshooting 331
    Troubleshooting Authorization Issues 331
        Check Windows ACLs 331
        Check Identity 331
        Check the <authorization> Element 332
    ASP.NET 333
        Enable Tracing 333
        Configuration Settings 333
    Determining Identity 334
        Determining Identity in a Web Page 334
        Determining Identity in a Web service 336
        Determining Identity in a Visual Basic 6 COM Object 336
    .NET Remoting 337
        More Information 337
    SSL 338
        More Information 338
    IPSec 338
    Auditing and Logging 339
        Windows Security Logs 339
        SQL Server Auditing 339
        IIS Logging 340
    Troubleshooting Tools 341
        File Monitor (FileMon.exe) 341
        Fusion Log Viewer (Fuslogvw.exe) 341
        ISQL.exe 342
        Windows Task Manager 342
        Network Monitor (NetMon.exe) 343
        Registry Monitor (regmon.exe) 343
        WFetch.exe 343
        Visual Studio .NET Tools 344
        WebServiceStudio 344
        Windows 2000 Resource Kit 344
Index of How Tos 345
    ASP.NET 345
    Authentication and Authorization 345
    Cryptography 345
    Enterprise Services Security 345
    Web Services Security 346
    Remoting Security 346
    Secure Communication 346
How To:  Create a Custom Account to Run ASP.NET 347
    ASP.NET Worker Process Identity 347
    Impersonating Fixed Identities 348
    Notes 348
    Summary 349
    1. Create a New Local Account 349
    2. Assign Minimum Privileges 349
    3. Assign NTFS Permissions 350
    4. Configure ASP.NET to Run Using the New Account 352
How To: Use Forms Authentication with Active Directory 353
    Requirements 353
    Summary 353
    1. Create a Web Application with a Logon Page 354
    2. Configure the Web Application for Forms Authentication 355
    3. Develop LDAP Authentication Code to Look Up the User in Active Directory 356
    4. Develop LDAP Group Retrieval Code to Look Up the User’s Group Membership 357
    5. Authenticate the User and Create a Forms Authentication Ticket 358
    6. Implement an Authentication Request Handler to Construct a GenericPrincipal Object 360
    7. Test the Application 362
How To: Use Forms Authentication with SQL Server 2000 363
    Requirements 364
    Summary 364
    1. Create a Web Application with a Logon Page 364
    2. Configure the Web Application for Forms Authentication 365
    3. Develop Functions to Generate a Hash and Salt value 366
    4. Create a User Account Database 367
    5. Use ADO.NET to Store Account Details in the Database 368
    6. Authenticate User Credentials Against the Database 369
    7. Test the Application 371
    Additional Resources 372
How To: Create GenericPrincipal Objects with Forms Authentication 373
    Requirements 374
    Summary 374
    1. Create a Web Application with a Logon Page 374
    2. Configure the Web Application for Forms Authentication