How to Secure Applications and Data with Microsoft .NET - 20050322

Uploaded by: 志** Document ID: 59363884 Upload time: 2018-11-06 Format: DOC Pages: 7 Size: 69.50KB

Windows Application Development from Beginner to Expert, Part 12: Nipping Security Risks in the Bud: Using Microsoft .NET to Secure Data and Applications
Event date: 2005-3-22 14:30:00 - 16:00
Speaker: 欧岩亮

Q: What are the similarities and differences between authentication and the Logging Application Block?
A: 认证 means Authentication. The Logging Application Block is for managing application logs.

Q: In a three-tier architecture, how can a client that calls several different web services authenticate its identity once, without authenticating on every call?
A: Look at it this way:

    Client                                   Web Service
      |---- Authentication() ------------------->|
      |<--- Credential Object -------------------|
      (Save Credential Local)
      |---- SomeMethod() ----------------------->|
      |---- SomeMethod() ----------------------->|
      |---- SomeMethod() ----------------------->|

If MyWeb is your reference to a WebService, you can use it like this:

    CredentialCache credsCache = new CredentialCache();
    // wsUrl is the service's URL and credential is the saved credential object
    // (a NetworkCredential); both are the speaker's placeholders.
    credsCache.Add(new Uri(wsUrl), "Basic", credential);
    MyWeb mw = new MyWeb();
    mw.Credentials = credsCache;

Then use the mw object to access the WebMethod.

Q: What is a luring attack? For filtering special characters against injection, does .NET have a common class for it, or does one write it by hand from experience?
A: The MSDN Library has a detailed explanation of luring attacks, quoted below. Roughly, it means code with low permissions calls code with high permissions in order to reach resources it could not otherwise access. For injection attacks, do not write the validation code yourself; in theory you can, of course. .NET has no class that detects it; we need to do the check through the Parameter mechanism implemented in ADO.NET. In fact, parameterized SQL in a .NET program can be understood as a stored procedure compiled on the fly at run time: whatever the user enters is passed into the stored procedure as an actual parameter.

Code access security is a mechanism that helps limit the access code has to protected resources and operations. In the .NET Framework, code access security performs the following functions:
- Defines permissions and permission sets that represent the right to access various system resources.
- Enables administrators to configure security policy by associating sets of permissions with groups of code (code groups).
- Enables code to request the permissions it requires in order to run, as well as the permissions that would be useful to have, and specifies which permissions the code must never have.
- Grants permissions to each assembly that is loaded, based on the permissions requested by the code and on the operations permitted by security policy.
- Enables code to demand that its callers have specific permissions.
- Enables code to demand that its callers possess a digital signature, thus allowing only callers from a particular organization or site to call the protected code.
- Enforces restrictions on code at run time by comparing the granted permissions of every caller on the call stack to the permissions that callers must have.

To determine whether code is authorized to access a resource or perform an operation, the runtime's security system walks the call stack, comparing the granted permissions of each caller to the permission being demanded. If any caller in the call stack does not have the demanded permission, a security exception is thrown and access is refused. The stack walk is designed to help prevent luring attacks, in which less-trusted code calls highly trusted code and uses it to perform unauthorized actions. Demanding permissions of all callers at run time affects performance, but it is essential to help protect code from luring attacks by less-trusted code. To optimize performance, you can have your code perform fewer stack walks; however, you must be sure that you do not expose a security weakness whenever you do this.

The following figure illustrates the stack walk that results when a method in Assembly A4 demands that its callers have permission P.
[Figure: Security stack walk]

In one typical use of code access security, an application downloads a control from a local intranet host Web site directly to the client so that the user can enter data. The control is built using an installed class library. The following are some of the ways code access security might be used in this scenario:
- Before load time, an administrator can configure security policy to specify that code be given special authority (more permission than local intranet code would usually receive) if it has a particular digital signature. By default, the predefined LocalIntranet named permission set is associated with all code that is downloaded from the local intranet.
- At load time, the runtime grants the control no more permissions than those associated with the LocalIntranet named permission set, unless the control has a trusted signature. In that case, it is granted the permissions associated with the LocalIntranet permission set and potentially some additional permissions because of its trusted signature.
- At run time, whenever a caller (in this case the hosted control) accesses a library that exposes protected resources or a library that calls unmanaged code, the library makes a security demand, which causes the permissions of its callers to be checked for the appropriate permission grants. These security checks help prevent the control from performing unauthorized actions on the client's computers.

Q: In IssueVision, the server side stores a Key in the Cache to distinguish the logged-in user, the client stores the same Key, and every time a WebMethod is called the Key is compared. Is this approach feasible and secure?
A: This approach is certainly feasible; it has some ability to tell whether a user is logged in. But the security level is not high. If a higher security level is needed, encryption must be used, encrypting during transmission.

Q: Is there a good solution to SQL injection in ASP?
A: In ASP you can also use PrepareCommand.

Q: On the injection problem, what I usually do is substitute characters in the user's input string: I replace a single quote with two single quotes, for example str.Replace("'", "''"), because two single quotes represent one single quote in SQL Server.
A: Actually the SqlParameter approach used in ASP.NET is very general and fits every case: whatever data the user enters is passed in as a parameter and cannot affect the SQL statement itself. Furthermore, merely substituting quotes does not solve every problem; the quote-substitution method only addresses the safety of comparison operations (=, <=, >=). There is also the use of SqlParameter
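The two injection answers above (pass input through SqlParameter; quote doubling covers only quoted comparisons), as an added example that is not part of the original webcast. It assumes a SQL Server table Orders(OrderId, CustomerId int, Status nvarchar(20)); the method names, the attacker inputs and the connection string are illustrative and the connection is never opened. It goes slightly beyond the text by showing the numeric-context case, where the value is concatenated without quotes and there is nothing for quote doubling to escape.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;

// Added example, not from the webcast. Assumed schema (not from the page):
// Orders(OrderId int, CustomerId int, Status nvarchar(20)).
public static class OrderQueries
{
    // Vulnerable. Quote doubling (the page's str.Replace("'", "''")) only protects a
    // value that ends up inside a quoted literal. CustomerId is numeric, so it is
    // concatenated bare: "1 OR 1=1 --" needs no quote and comments out the rest.
    public static string BuildVulnerable(string customerId, string status)
    {
        string doubled = status.Replace("'", "''");
        return "SELECT OrderId FROM Orders WHERE CustomerId = " + customerId +
               " AND Status = '" + doubled + "'";
    }

    // Hardened. The statement text is fixed; both values travel as typed parameters,
    // so whatever the user typed is never parsed as SQL.
    public static SqlCommand BuildParameterized(SqlConnection conn, string customerId, string status)
    {
        int id;
        if (!int.TryParse(customerId, out id))
            throw new ArgumentException("CustomerId must be an integer", "customerId");

        var cmd = new SqlCommand(
            "SELECT OrderId FROM Orders WHERE CustomerId = @customerId AND Status = @status", conn);
        cmd.Parameters.Add("@customerId", SqlDbType.Int).Value = id;
        cmd.Parameters.Add("@status", SqlDbType.NVarChar, 20).Value = status;
        return cmd;
    }
}

class Program
{
    static void Main()
    {
        // Constructed attacker inputs (not from the page).
        string badId = "1 OR 1=1 --";
        string badStatus = "x' OR 'a'='a";

        // Quote doubling neutralises the string literal, but the numeric clause is wide open:
        // SELECT OrderId FROM Orders WHERE CustomerId = 1 OR 1=1 -- AND Status = 'x'' OR ''a''=''a'
        Console.WriteLine(OrderQueries.BuildVulnerable(badId, badStatus));

        // The parameterized builder rejects the non-numeric id before any SQL exists ...
        try { OrderQueries.BuildParameterized(null, badId, badStatus); }
        catch (ArgumentException e) { Console.WriteLine("rejected: " + e.Message); }

        // ... and with a valid id the attacker's status string is only ever a value.
        // Placeholder connection string; the connection is built but never opened.
        using (var conn = new SqlConnection("Server=(local);Database=Shop;Integrated Security=true"))
        using (var cmd = OrderQueries.BuildParameterized(conn, "1", badStatus))
        {
            Console.WriteLine(cmd.CommandText);                  // no user text in the SQL
            Console.WriteLine(cmd.Parameters["@status"].Value);  // x' OR 'a'='a, carried as data
        }
    }
}
```

Parameters remove the injection problem but not input-validation problems: a parameterized LIKE @pattern still honours % and _ in the value, and a status of "%" still matches everything, so validate meaning separately from escaping.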
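The stack walk described in the MSDN passage quoted in the luring-attack answer, as an added example that is not part of the original webcast or of MSDN. It assumes .NET Framework 4.x on Windows (code access security is not available on .NET Core or .NET 5+); TrustedLibrary, UntrustedCaller and the temporary file are illustrative names. The same library method is called twice: from a fully trusted caller, and from an AppDomain whose grant set contains only the Execution permission, so the demand's stack walk reaches a frame without FileIOPermission and refuses access.

```csharp
using System;
using System.IO;
using System.Security;
using System.Security.Permissions;

// Added example, not from the webcast or MSDN. Assumes .NET Framework 4.x;
// type and file names are illustrative.
public static class TrustedLibrary
{
    // Explicit demand: the runtime walks the stack and requires every caller,
    // not just the immediate one, to hold read permission for this path.
    public static string ReadConfig(string path)
    {
        new FileIOPermission(FileIOPermissionAccess.Read, path).Demand();
        return File.ReadAllText(path);
    }
}

// Runs inside the sandboxed AppDomain; MarshalByRefObject so the call crosses the boundary.
public class UntrustedCaller : MarshalByRefObject
{
    public string TryRead(string path)
    {
        try
        {
            // The less-trusted code tries to get the library to read the file on its behalf.
            return "read: " + TrustedLibrary.ReadConfig(path);
        }
        catch (SecurityException ex)
        {
            return "denied: " + ex.GetType().Name;
        }
    }
}

class Program
{
    static void Main()
    {
        string path = Path.GetTempFileName();
        File.WriteAllText(path, "secret=42");   // constructed content
        try
        {
            // Fully trusted caller: every frame holds FileIOPermission, the demand passes.
            Console.WriteLine("full trust: " + TrustedLibrary.ReadConfig(path));

            // Grant set with Execution only: no FileIOPermission anywhere in it.
            var grants = new PermissionSet(PermissionState.None);
            grants.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
            var setup = new AppDomainSetup { ApplicationBase = AppDomain.CurrentDomain.BaseDirectory };
            AppDomain sandbox = AppDomain.CreateDomain("Sandbox", null, setup, grants);

            var caller = (UntrustedCaller)sandbox.CreateInstanceAndUnwrap(
                typeof(UntrustedCaller).Assembly.FullName, typeof(UntrustedCaller).FullName);

            // The stack walk reaches the sandbox frame, finds no FileIOPermission and
            // throws SecurityException before the file is touched.
            Console.WriteLine("sandbox:    " + caller.TryRead(path));
            AppDomain.Unload(sandbox);
        }
        finally
        {
            File.Delete(path);
        }
    }
}
```

Because everything here lives in one assembly, TrustedLibrary also runs with the sandbox's grant set in the second call. To reproduce the exact luring scenario of the quoted text (trusted library, untrusted caller), put TrustedLibrary in a strong-named assembly and pass its StrongName as the fullTrustAssemblies argument of AppDomain.CreateDomain; the demand still fails, because the walk continues past the fully trusted frame into the sandbox frame.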
