Upload
mikhail-shcherbakov
View
274
Download
0
Tags:
Embed Size (px)
Citation preview
Know Your Security Model
Mikhail Shcherbakov
9-я конференция .NET разработчиков
12 октября 2014
dotnetconf.ru
2
About me
• Senior software developer at Positive
Technologies
• Working on Application Inspector - source
code analyzer
• Previous team lead at Acronis and Luxoft
3
Terms
C# 5.0 Language Specification
Common Language Infrastructure (CLI) Standard ECMA-335
4
.NET Framework 4 Security
Architecture • Application Domains
• The verification process
• Code Access Security (CAS)o Policy
o Permissions
o Enforcement
• Role-based securityo Authentication
o Authorization
o Principal and Identity
• Cryptography
5
.NET Framework 4 Security
Architecture • Application Domains
• The verification process
• Code Access Security (CAS)o Policy
o Permissions
o Enforcement
• Role-based securityo Authentication
o Authorization
o Principal and Identity
• Cryptography
6
Knowledge in Practice
• CAS is the base of security
• Development of extensible and security-
sensitive applications
• Troubleshooting and knowledge about the
internals
o ASP.NET / IIS o Silverlight
o SQL CLR o XBAP
o ClickOnce o Sharepoint
7
Application Domains
• Fully Trusted and Partially Trusted
• Heterogeneous and Homogeneous
• Sandboxing by AppDomain
8
Type Safety
• C# compilation
• Just-in-time (JIT) compilation
• Native Image Generator (Ngen.exe)
• PEVerify tool
9
Code Access Security
• Policy (deprecated in .NET Framework 4)
• Permissions
• Enforcemento Fully Trusted assemblies in Partially Trusted AppDomain
o Security Transparency Code
o Assert permissions
o SecurityPermission o RegistryPermission
o ReflectionPermission o SocketPermission
o FileIOPermission o WebPermission
10
Level 2 Security Transparency
CriticalFull Trust code that can do anything
Safe Critical
Full Trust code Provides access to Critical code
Transparent
Only verifiable code Cannot p/invoke Cannot elevate/assert
11
Security Transparency Attributes
Assembly
Level
Type
Level
Member
Level
SecurityTransparent
SecuritySafeCritical
SecurityCritical
AllowPartiallyTrustedCallers
SecAnnotate.exe - .NET Security Annotator Tool
12
Demo MS13-015 vulnerability
Could Allow Elevation of Privilege (KB2800277)
Exploited by Trusted Chain attack
13
Thank you for your attention!
Mikhail Shcherbakov
Positive Technologies
linkedin.com/in/mikhailshcherbakov
github.com/yuske