.NET Framework Security - PowerPoint PPT Presentation

About This Presentation
Title:

.NET Framework Security

Description:

.NET Framework .NET Framework ... – PowerPoint PPT presentation

Number of Views:113
Avg rating:3.0/5.0
Slides: 63
Provided by: Svetli8
Learn more at: https://www.devbg.org
Category:

less

Transcript and Presenter's Notes

Title: .NET Framework Security


1
(No Transcript)
2
????????? ?.NET Framework
???????????? ?? .NET Framework
http//www.nakov.com/dotnet/
??????? ?????
?????????? ???????? ?? ?????????? ?? ???????
academy.devbg.org
3
?????????? ??????
  • ?????? ???????? ?? .NET Framework
  • ?????? ???????? ?? ????? C
  • ?????? ???????? ?? ???????? ?? CLR, ????????? ?
    ????????

4
??????????
  • ??????????? ? .NET Framework
  • ??????????? ?? ???????? ? ?????? ?? ???????
  • ??????? ?? ??????????? ??????
  • ?????????? ? ??????????? ????????. ?????? ??????
  • ?????-????????? ?????????
  • ???????????? IsolatedStorage
  • Code Access Security
  • ?????????? ?? ????????? ? .NET Framework
  • .NET Security Policy Editor
  • ????? (Permissions)
  • ???????????? ? ????????? ?????? ?? ?????
  • "Stack Walk" ? ??????? ??? ???????

5
?????????? (2)
  • Role-Based Security
  • ???????????? ? ???????????
  • Identity ? Principal ??????
  • ????????? ?? Identity ? Principal ??????
  • ??????????? ?? Principal
  • ???????????? ? .NET Framework
  • ??????????? ?? ??? ????????
  • ?????????? ?? XML (XMLDSIG)

6
??????????? ? .NET Framework
  • .NET Framework ? ?????????? ? ??????? ?? ????
    ??????? ? ???????? ?????????
  • ????????????? ??? (Managed Code) ?? ?????????
    ????????????
  • CLR ???????????? ?? ????? ?? ???????????
  • ??????????, ???????? ??? ???????????
  • Type checker ???????? ?? ????????
  • Exception manager ?????????? ?? ????????????
  • Security engine ?????????? ?? ??????????? ??
    ???? (Code Access ? Role-Based Security)
  • ??????????? ? .NET ????????? ? ???????
    ??????????? ? Windows

7
??????????? ?? ????????
  • ????????????? ??? ? ??????? ?? ?????????? ??????
    ? ????????
  • ?? ?? ????????? ????????? ??? ???????
  • ????????? ?? ?????????? ??? ??????
  • ???????????? ?? ????? ??????????
  • ?? ????? ?? ???????? ?? ?????????? ??? ?????
    ?????????? ??? ??????????? ?????
  • ?????????? ?? ???????? ?? ????? ?????? ? ???????
    ?? ???????
  • ????? ? ????????? "buffer overrun"

object bytes new byte5 char chars
(char) bytes // System.InvalidCastException is
thrown
8
????????? "Buffer overrun"
  • ? .N?? Framework ???????? ? ?????????? ?????? ??
    ????? ?? ?? ?????????

private static void CopyArray(byte src,
byte dest, int size) for (int i0
iltsize i) desti srci static
void Main() byte arr1 new byte10
byte arr2 new byte5 CopyArray(arr1,
arr2, 10) // System.IndexOutOfRangeException
is thrown
9
?????? ?? ???????
  • CLR ??????????? ????????? ???????
  • ?????????-?????????? ?????? ?? ?????????? ? ?.
    ???. Managed heap
  • ?????????????? ?????? ?? ????????? ??????????? ??
    ?. ???. Garbage Collector
  • ????? ?? ???-??????????? ???????? ?
    ?????????????? ?? ????? ??????????
  • ?????? ?? ????? (memory leaks)
  • ?????? ?? ?????????? ?????
  • ?????????? ?? ???????????????? ?????

10
??????? ?? ??????????? ??????
  • ??? ?????? ? ??????????? ???????? ?? ????????
    ??????????? ?? ????????
  • ??? ?????????? ?? ????????, ????? ?? ?? ?????? ?
    ????, ????? ? ?????????
  • ??? ????????????? ?? ??????
  • ? .NET Framework ??? ??????? ????????? ??
    ?????????? ?? ??????????? ??????????? ??
    ????????????? ??????
  • ? C ?? ???????? ????????? ???? checked

checked int square aa
11
??????? ?? ??????????? ??????
  • ??????? ???? checked ? unchecked
  • ???????? / ????????? ?????????? ?? ?????????? ??
    ????? ????????? ?????
  • ?? ???????????? ?????????? ?? ?????????? ?
    ?????????
  • ???? ?? ?? ???????/???????? ? ????? ?? C
    ??????????? ? ? ????????? ??? VS.NET

csc /checked SomeFile.cs
12
???????????? 1
  • ??????????? ?? ???????? ? ????????????? ????????

13
Application Domains
  • Application Domains
  • ?????????? ??????? .NET ?????????? ?? ??????? ?
    ???? ?????? ?? ??
  • Application Domains ?? ????????? ???? ?? ???? ??
    ?????, ????? ? ???
  • ????????? ????????????????
  • ?? ? ?????????? ????????????? ??????????? ???
    ?????? ?? ?????
  • ???????? ????????? ??? ?????????? ?? ??????
    ???????
  • ???? ???? ?? ?? ?????????
  • ???????? ? ?????????? ?? .NET ?????????? ?
    ?????????? ?????

14
?????????? ????????
  • ???????????? ???????? ?????
  • ??????? ? ????????? ? ???? ? ??? ????
  • ??????? ?????
  • ????? ?? ?????????? ?????? ?? ?????
  • ????????? DES, 3DES, RC2, RC4, IDEA
  • ???????? ? ??????????

??????? ????????
?????????? ????????
?????????? ????????
????????
??????????
15
??????????? ????????
  • ?????????????? ? ???????? ??????? (Public Key
    Cryptography)
  • ???????? ??????????? ???????
  • ?????? ????????? ???????? / ????? ????
    (public/private key pair)
  • ?? ?????? ???? ?? ???? ?? ?? ??????? ???????
  • ?????? ????? ??-????? ?? ????????????
    ????????????
  • ?? ?????? ????? ? ?????? ?? ?????
  • ????????? RSA, DSA, Diffie-Hellman, ECDSA
    (Elliptic-Curves DSA)

16
??????????? ????????
  • ?????????????? ? ???????? ???????
  • ???? ?? ???????? ???????????????? ?? ?????????
    ???? (PKI)
  • T. ???. ????????????? ??????????? ???? ???????
    ??????????? ?????????? ?? ????? ???????? ???? ?
    ??????? ? ?????? ????
  • ???????? ? ??????????

??????? ????????
?????????? ????????
?????????? ????????
????????
??????????
17
?????? ??????
18
?????-????????? ?????????
  • ??????? ??? ?? ???????
  • ???????? ???????????? ?????????
  • ??????? ?????? ?????? ? ????????? ?? ????
    ???????? ????
  • ?????? ?? ??
  • ??? (????. System.Windows.Forms)
  • ?????? (????. 1.0.5000.0)
  • ??????? (????. neutral)
  • ???????? ???? (????. b77a5c5...4e089)
  • ?????? ??????
  • ??????????? ?? ????????? ????
  • ????????? ?? ?? CLR ??? ????????? ?? ?????????

19
?????-????????? ?????????
  • ?????-??????????? ?????????
  • ?? ?????????? ??????? / ??????????
  • ???????????? ????????????? ?? ?????????????
  • ?????????? ??????? ?????? ?? ???? ? ???? ???????
    ?? ?? ?????????? ? ????????? ??????????
  • ?????????? ?? ?????? ???????
  • ?????????? ?? ???????

sn k MyKeyPair.snk
assembly AssemblyKeyFile(_at_"..\..\MyKeyPair.snk
")
20
?????-????????? ?????????
  • ?????-??????????? ????????? ????? ?? ??
    ?????????? ? Global Assembly Cache
  • ??????????? ? ????????????? ?? GAC
  • ??? ???????? ?? ?????????? ?? ????? ???????
    (A.dll) ??? ?????-????????? ??????? (S.dll)
  • ?????????? ???? ?? S.dll ?? ??????? ?
    ????????????? ??????? A.dll
  • ???? A.dll ?? ??????? ???? ? ??????????? ??????
    ?? ????????? S.dll

gacutil i MyAssembly.dll
gacutil u MyAssembly
21
???????????? 2
  • ????????? ?? ??????? ??? ????? ??? ? ???????????
    ? GAC

22
???????????? IsolatedStorage
  • ???????????? IsolatedStorage
  • ????????? ??????????, ????? ???? ????? ?? ??????
    ?? ???????? ????? ????, ?? ????????? ???????
    ???????
  • IsolatedStorage ?????????? ????????? ?????????
    ??????? ???????
  • ?????????? ?? ????
  • ??? ?? ????????? ?? ???????????? ?????? ??
    ?????????? ??????? ?? ??????? ????
  • ????? ?? ???????? ?? ??????????, ???????? ?
    ???????? ?????
  • ???????? Windows Forms ????????, ?????????? ??
    Web-???????? ? ????????

23
???????????? IsolatedStorage
  • ??????????? ?? ????? (IsolatedStorage) ????? ??
    ???? ??????
  • IsolatedStorageScope.User ??????????? ? ??
    ??????? ??????????
  • IsolatedStorageScope.Assembly ??????????? ? ??
    ???????? ???????
  • ????????? ????? ?? ?? ??????????
  • ?????????? ?? IsolatedStorage

IsolatedStorageFile store
IsolatedStorageFile.GetStore(
IsolatedStorageScope.User
IsolatedStorageScope.Assembly, null, null)
24
???????????? IsolatedStorage
  • ???????? ?? ???? ?? IsolatedStorage
  • ?????????????? ?? ?????????
  • ???????? ? ??????? ? ??????????
  • GetDirectoryNames(), GetFileNames(),
    DeleteFile(), CreateDirectory(),
    DeleteDirectory()

IsolatedStorageFileStream stream new
IsolatedStorageFileStream( "notes.txt",
FileMode.Open, FileAccess.Read, isoStore)
C\Documents and Settings\ltusernamegt\Local
Settings\Application Data\IsolatedStorage\...
25
???????????? 3
  • ?????? ? IsolatedStorage ?? ?????????????
    ???????? ? IE

26
????????? ?? ????
  • ??????????? "????????? ?? ????" (Code Access
    Security) ? ????????????? ??????? ??? ??????? ??
    .NET Framework
  • ????????? ????????? ?? ????????? ?? ?????????????
    ???????
  • ??????????? ?? ????????? ??
  • ???????a?? ?? ????????? (.NET Framework Security
    Policy) ????
  • ????? (permissions)
  • ????????????? ?? ???????? (evidences)
  • ?????????? ?????? ? ????? ????? ?? ?????????
    ????? ??????? ?????? ???????? ????????????? ??
    ????????

27
????????? ?? ????
  • Code Access Security ????????? CLR ?? ?????????
    ????????? ??? ? ?????????? ?????, ??-????? ??
    ??????? ?? ???????????
  • ?? ????? ??????? CLR ?????? ?????????? ??
    ????????????? ?? ???????? (evidences)
  • ????? ??? ?? ???????
  • URL, ?? ?????? ???? ?????????
  • ???????? ????, ?? ?????? ???? ?????????
  • Authenticode ?????? ??????
  • ???-??? ?? ?????????
  • CLR ?? ???? ?? ???? ?? ????? ??????? ?????,
    ??-?????? ?? ??????? ?? ??????? ?????????? ? ??

28
?????????? ?? ????????? ? .NET
?????? ????????
???????? ?????? ? ????? (Permission Set) ???????????? ???????? ?????? ? ????? ??????? FullTrust (?????? ?????) User Interface Printing Web Access
????? ??? (Code Group) ?????? ?? ?? ????????????? ????????? ????????? ? ??????? ?????????????, ????. ?????? ?????????, ?????? ?? http//www.devbg.org/ ??????? ?? ?????????? ??????????
???????? ?? ????????? (Security Policy) ?????? ?? ?? ???????????????? ??????? ?? ?? ????? ?? ?????????? ???????? ??????????? ??????? ? ????? (Permission Sets) ???????? ??????? ??? (Code Groups) ?????? ?????? ? ????? ?? ????? ????? ??? (??????? ??????? ? ???????)
29
???? ?? ?????????? ?? ?????????
  • ??? ??????? ???? ?? ??????????
  • Enterprise ???????? ?? ????????????? (?? Windows
    ???????)
  • Machine ???????? ?? ?????? ??????????? ??
    ????????
  • User ???????? ?? ??????? ??????????
  • ??????????? ???????? ? ????????? ?? ???????,
    ?????? ?? ????? ????

30
.NET Security Policy Editor
31
???????????? 4
  • .NET Security Policy Editor ????????? ??
    ??????? ?? ?????? ??????? ?? SHA1 ??? ???

32
????? (Permissions)
  • Permission ???????? ????????????? ??????????
    ????? (??????????) ?? ?????? ?? ?????? ???
    ?????????? ?? ??????? ????????, ????????
  • ????? ?? ???????? ?? ???????
  • ????? ?? ?????? ?? SQL Server
  • ???????? ?? ????? (permission grant) ????????? ??
    ?????? ??????? (???) ?? ?? ????????
  • ??????????? ?? ????? (permission demand)
    ????????? ???? ??????????? ??? ??? ?????? ?????

33
?????????? .NET ?????
  • .NET Framework ???????? ?????????? ??????? ??
    ??????? ?? ?????? ?? ???????

????? ????????
FileIOPermission ?????? / ?????? ?? ????????? ???????
IsolatedStorageFilePermission ?????? ?? ????????? ????????? ??????? ??????? ??? "IsolatedStorage"
UIPermission ?????????? ?? Windows Forms GUI
FileDialogPermission ?????? ?? ??????? ?? ????? ?? ????
PrintingPermission ???????? ?? ???????
WebPermission ?????? ?? Web ???????
SocketPermission ?????? ??? ??????
OleDbPermission, SqlClientPermission ?????? ?? ???? ????? ???? OleDb ??? SQLClient Data Provider-???
RegistryPermission ?????? ?? Windows Registry
ReflectionPermission ?????? ?? Reflection
34
???????????? ?????? ?? ?????
  • ???????? ?? ????? (permission request)
  • ???????? ?? ?? ?? ?? ????? ????? ????? ???????
    ?????? ???????, ????? ??? ???????? ?? ????, ?? ??
    ?????? ????????
  • ?????? ?? ???????????? ???? ????????
  • ??? ?????????? ????? ?? ???? ?? ???? ??????, ??
    ?????? SecurityException
  • ??? ?????????? ????? ?? ?????? ??????? ?? ????
    ??????, ????????? ?? ?? ???????
  • ???????? ?? ???-????? ?? ????????? ???

assembly PrintingPermission(
SecurityAction.RequestMinimum,
LevelPrintingPermissionLevel.SafePrinting)
35
???????????? ?????? ?? ?????
  • ??? ?????????????? ?????? ?? ????? ?? ??????
    ????????? SecurityAction
  • RequestMinimum ??????, ?? ????????? ?? ???? ??
    ?????? ??? ??????????? ?????
  • RequestRefuse ??????, ?? ????????? ????
    ?????????? ????? ?? ?? ???? ??????
  • Demand ??????, ?? ?????? ????????? ?? ????? ??
    ????????? ?????? ?? ???? ?????????? ?????
  • Assert, Deny, PermitOnly ??????? ?? ?? ???????
    ? ??????
  • ?????????? ??????????? ?? ?????????? ??? ????
    ???????????? ?? ?. ???. "Stack Walk"

assemblyFileIOPermission(
SecurityAction.RequestRefuse, All"C\\")
36
???????????? 5
  • ???????????? ?????? ?? ?????

37
????????? ?????? ?? ?????
  • ??????????? ?????? ?? ?????
  • ????????? ????? ??? ?? ?????? ?????? ????? ??
    ????? ?? ??????????
  • ???????? ?? ???-???? ??? ?????????? ?? ??????????
    ? ??????? ? ????????? ???
  • ??????
  • ??????? Demand() ????????? ???? ???????? ???????
    ? ?????? ????????? ?? ????????? ?? ????? ????
    ?????????? ?????
  • ??????????? ?????????? ??? ???????

FileDialogPermission fdp new FileDialogPermissio
n( PermissionState.Unrestricted) fdPerm.Deman
d()
38
????? ? "Stack Walk"?
???? ?? ????????????
1. ????? ??????? ???? ?????? ?? ????? ? ??????
??????? 2. ?????? ??????? ???????? ???????? ??
????? ???????? ??????? ?? .NET Framework 3.
????????? ?? ????????? ????????? ???? ??????
????????? ? ????? ???? ???????????? ????? ?
????????? ???? ?????? 4. ??? ??????? ????????? ??
????????? ?????? ??????????
SomeAssembly
Grant Execute
YourAssembly
Grant ReadFile
Permission Demand
Security System
.NET Framework Assembly
Grant access?
Security exception Access denied
Grant ReadFile
39
???????????? 6
  • ????????? ?????? ?? ?????

40
??????? ??? ???????
  • ??????? ?? ?????? ?? ???? (code-access
    permissions) ???? "Stack Walk" ?????????
  • ?? ?? ?? ???? ?????? ????? ?? ???? ???????,
    ?????? ?????? ????????? ????????? ?? ????? ????
    ?? ?? ????
  • "Stack Walk" ?????????? ?? ????????? ??????? ?
    ????? ????? ?? ???????? ??????????? ???????? ????
    ??????? ? ??????
  • ???????? ? ????????? ??????????? ????? "Stack
    Walk" ???????????
  • ?????? ?? ????? ???? ?? ?? ?????????? ???????
    ?? ??????????? ??????
  • ?????? ?? ????? ????? ????? ?? ?? ????? ??
    ?????????? ??????

41
??????? ??? ???????
  • ??? ?????? ?? ?????????? ?? ?????? ???? ???????
    ?? ?????? ???????? ????? ?? ??????? ?? ?????
  • ???????? ?????? ??????????? "Stack Walk"
    ???????????
  • Assert() ????????? ??????? ????? ?? ??????
    ??????? ????? ?? ????????? ??, ?????????? ??
    ??????? ?? ??????????? ?? ?????????
  • Deny() ???????? ?????? ???????? ????? ?? ??????
    ?????? ???????? ?? ???????
  • PermitOnly() ???????? ?????? ?????? ????? ???
    ???????? ?? ?????? ?????? ???????? ?? ???????

42
???????????? 7
  • ??????? ??? "Stack Walk" ??????????? ???? Assert()

43
????????? ???????? ?? ????
  • ?????????, ???????? ?? ???? (Role-Based Security)
  • ?????????? ???????? ?? ??????? ?? ??????? ? .NET
    Framework
  • ???? ?? ?? ???????? ????????? ? ????????????
  • ?????? ?? ?? ??????????? ? ???? (Identities ?
    Principals)
  • ????? ????? ? .NET Framework ?? ??? ?????????? ?
    ????, ???????? ? ???

44
???????????? ? ???????????
  • ???????????? (authentication)
  • ???????? ?? ???????? ???? ????? ?????????? ?
    ????, ?? ????? ?? ?????????
  • ???? ?? ????? ? ??????, ??? ??????????, ???
    ?????-????? ??? ?? ???? ?????
  • ??????????? (authorization)
  • ???????? ?? ???????? ???? ????? ?????????? ???
    ????? ?? ??????? ?????? ????????
  • ?????????? ?? ?? ???????????? ? ???????
    ????????????
  • Role-Based Security ????????? ????????? ??
    ??????????? ? .NET ????????????

45
Identity ? Principal ??????
  • Identity (???????????) ??????????
  • ??????? ?????????? ?? ???????????, ? ????????? ??
    ????? ?? ????????? ????
  • ??????? ??? ?? ??????????, ??????, ???? ?
    ???????????? ? ??.
  • Principal (?????????) ????
  • ??????? ????????? ?? ????????? ?? ???????????, ?
    ????? ?? ????????? ????
  • ??????? ??????, ? ????? ???????????? ???????
  • ??????? Identity ???????????? ?? ???????????

46
Identity ? Principal ??????
  • ? .NET Framework ??? ??? ???? Identity ?
    Principal ??????
  • WindowsIdentity ? WindowsPrincipal
  • ???????? ?? ? ????????????? ? ??????? ???? ?
    ????????? ?? Microsoft Windows
  • ???????? Windows ?????????? ??????????
  • GenericIdentity ? GenericPrincipal
  • ????? ?????????? ?? ???????????? ?? ?????????
    ??????? ?? ???????????
  • ???????? ??????????, ???????? ?? ???????????,
    ????? ?? ? ????????? ? Windows

47
WindowsPrincipal ??????
  • ????????? ?? ??????? Windows ?????????? ?
    ?????????? ?? ????

WindowsIdentity winIdentity
WindowsIdentity.GetCurrent() Console.WriteLine("W
indows login 0", winIdentity.Name) Windo
wsPrincipal winPrincipal new
WindowsPrincipal(winIdentity) bool isAdmin
winPrincipal.IsInRole( WindowsBuiltInRole.Admi
nistrator) Console.WriteLine("Administrator
0", isAdmin) bool isGuest
winPrincipal.IsInRole( WindowsBuiltInRole.Gues
t) Console.WriteLine("Guest 0", isGuest)
48
???????????? 8
  • ????????? ?? ??????? Windows ?????????? ?
    ?????????? ?? ????

49
????????? ?? GenericPrincipal
  • ?????? ??? ?????????? ?? ????????? ???????????? ?
    ???????????
  • ????????????? ?? ???????????
  • ????????? ?? GenericIdentity ? GenericPrincipal
    ??????
  • ???????? ?? Principal ?????? ?? ???????? ?????

if (ValidLogin(user, pass)) // User
authenticated
GenericIdentity id new GenericIdentity("some
user") string roles "Manager", "Developer",
"QA" GenericPrincipal prin new
GenericPrincipal(id, roles)
System.Threading.Thread.CurrentPrincipal prin
50
??????????? ?? Principal
  • ???????????? ????????
  • ??? ???????? ????? ?? ???????? ?? ?????????
    ?????????? ??? ????, ?? ?????? SecurityException
  • ? ??????? ?? ????????????? ? ?????? ?? ??
    ?????????? ????? ?? ?????? ?????

PrincipalPermission(SecurityAction.Demand, Role"
Developer", Authenticatedtrue)
PrincipalPermission(SecurityAction.Demand, Name"
??? ????")
51
??????????? ?? Principal
  • ????????? ????????

if (principal.IsInRole("Administrators"))
// Perform some action
if (principal.Identity.Name "????") //
Perform some action
PrincipalPermission prinPerm new
PrincipalPermission("????", "Tester") prinPerm.De
mand() // Throws SecurityException if the check
fails
52
???????????? 9
  • ??????????? ? ??????????? ? ????

53
???????????? ? .NET Framework
  • .NET Framework ??? ????? ????????? ??
    ????????????? ????????? ? ??????????
  • ? System.Security.Cryptography ?? ??????????????
  • ????????? ?? ????????? ?? ???
  • MD5, SHA1, SHA256, SHA384, SHA512
  • ?????????? ???????? ?????????
  • DES, 3DES, RC2, Rijndael/AES
  • ??????????? ???????? ?????????
  • RSA, DSA
  • ??????? ?? ?????? ? X.509 ??????? ???????????

54
??????????? ?? ??? ????????
  • ????????? ?? SHA1 ??? ????????

using System.Security.Cryptography using
System.Text Console.Write("Enter some text
") string s Console.ReadLine() byte data
Encoding.ASCII.GetBytes(s) SHA1CryptoServiceProv
ider sha1 new SHA1CryptoServiceProvider()
byte sha1hash sha1.ComputeHash(data) Console
.WriteLine("SHA1 Hash 0",
BitConverter.ToString(sha1hash))
55
?????????? ?? XML (XMLDSIG)
  • ???????????? ?? XML ????????? ????? ?? ?????????
    ?? W3C
  • "XML-Signature Syntax and Processing"
  • http//www.w3.org/TR/xmldsig-core/
  • ? .NET Framework ??? ????? ????????????? ??
    ????????? ? ?????? System.Security.Cryptography.Xm
    l
  • ?????????? ? ???????? ?? ??????
  • ??????? ???????
  • SignedXml ????????? ????????? ? ???????? ?? XML
    ?????????
  • DataObject ??????? ???????, ????? ?? ?????
    ?????????

56
????????? ?.NET Framework
????????
57
??????????
  1. ??????? ????????? ?????????????? ?? ??????????? ?
    .NET Framework ??????????? ?? ????????, ??????
    ?? ???????, ?????? ?? ??????????? ??????,
    ?????????? ?? ???????????, IsolatedStorage, Code
    Access Security, Role Based Security ? ??.
  2. ???????? ?????????? (Class Library ?????? ???
    VS.NET), ????? ??????? ???? ??? ???????? ?????
    PrintVersion(), ????? ????????? ?? ?????????
    ???????? ?? ?????????, ?? ????? ? ??????? ?????.
    ???????????? ????????? ? 2 ???????? ?????? (1.0 ?
    2.0), ????????? ??, ????????? ?? ??? ????? ?????
    ? ?? ???????????? ? GAC. ???????????? 2 ????????
    ??????????, ????? ??????? ????????? ?????? 1.0 ?
    2.0 ?? ?????????.

58
??????????
  1. ???????? Windows Forms ???????? ?? IE, ?????
    ????????? ????????? ?? ?????? ??? ??????, ?????
    ?? ?????????? ? IsolatedStorage ?? ???????
    ??????????. ?????????? ?????? ?? ?????????
    ??????????? ?? ??????, ???????? ? ????????? ??
    ??????, ????? ?? ?????????? ? IsolatedStorage.
  2. ???????? Windows Forms ???????? ?? IE, ????? ????
    ?? ??????, ????????? ? ??????? ???????? ???????
    ?? ???????? ???? ?? ???????????. ?? ????????????
    ?????????? ?? ??????? ???? ???? ?? ??????.
    ????????? ????????? ?? ?????????? ?? ??? ?????
    ???. ???? Security Policy Editor ????? ????? ??
    ?????? ? ?????? ?? ????????? ?? ??????????, ????
    ????????? Code Group ?? ??????? ?? ???.

59
??????????
  1. ???????? Windows Forms ??????????, ?????
    ????????? ????????? ? ????????? ?? ????????
    ???????. ???????????? ?????? ?? ?????????
    ????????? ??? ???? ? ??????? ?? ???????
    ??????????, ??? ??? ????? ?? ???? ??? ?
    IsolatedStorage ??? ???? ?????. ??????? ?????? ??
    ?? ?????????? ?????????.
  2. ???????? ?????????? (DLL), ????? ????????
    ?????????????? ?? ???????????? ?? ?????????? ??
    username ? password ? ???????? ?? ??????????? ??
    ?????? username/password. ???????????? ??????
    ????????? ??????? ?? ? XML ???? ? ?? ????????
    ??????????? ?? ????? ?? ?????? ?? ?????. ???????
    ? ????? ?????, ????? ?? ????? ?? ????? ?????,
    ?????? ?? ????? ?? ??????? ???????????????? ??
    ????????????.

60
??????????
  1. ? ??????? ?? Role Based Security ?????????
    ??????????, ????? ????????? ????????????? ?
    ?????? ???????. ?????????????, ??????? ?????? ?
    ?????? ?? ????? ?????????? ?????? ?? ??
    ?????????? ? XML ????. ?????????? ???? ?? ?????
    ?????????? ?? Guest, User ? Admin. ??????? ?
    ????????? ???? ????? ?? ?? ??????????? ? ????
    ?????. ????????????? ? ????????? ???? ????? ??
    ???????? ??????? ?? ?????? ????????????
    ???????????. ???????????????? ???? ????? ??
    ?????????? ??????? ? ?????? ?? ??????
    ???????????. ??? ??????? ?????????? ?????????
    ?????? ?? ???????? ????? ?? ????????????, ?????
    ????????? ??????? ???? ??????? ?????????? ???
    ??????? ???? ???? ??? ??????. ?????????? ??
    ?????? ?? ?? ????????? ???? GenericPrincipal.

61
??????????
  1. ???????????? ???????????? ?? ??????????? ??????,
    ???? ??????????? ???????? ?? ????????????? ??
    ???? ???? ?????, ? ???? SHA1 ??? ????????. ????
    ?? ???? ??-?????? ????????? ?? ??????????

62
?????????? ??????????
  • Svetlin Nakov, Implementing Application Security
    Using the Microsoft .NET Framework Lecture at
    the National Conference "Information Technologies
    in the Education A Necessary Investment for the
    Future of Bulgaria", Sofia, April 2004
  • MSDN Lectures, Implementing Application Security
    Using the Microsoft .NET Framework
    http//downloads.microsoft.co.za/MSDNEssentials/20
    040402/AppSecurity.ppt
  • Understanding .NET Code Access Security http//
    www.thecodeproject.com/dotnet/UB_CAS_NET.asp
  • MSDN Library http//msdn.microsoft.com
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: ".NET Framework Security" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!