
Review of Keith Brown's book ".NET developer guide to Windows Security"
Keith's book is a great guide to .NET/Windows security with valuable tips
on authentication protocols, network security, access control and common
security tasks (e.g. locking, deployment, logoff, storing secure data). This
book would be of interest to Software Engineers, Software Architects and, to
some extent, IT managers. There is considerable overlap between this book and
Keith's previous book on Windows Security, so you may not want to buy both.
For many software developers/managers, Windows security remains a hindrance
rather than a very helpful and essential infrastructure - I would like to see
more coverage of common security tasks. Discussion of security in non-Microsoft
implementations of .NET (e.g. Mono) would also be very interesting.
Chapter 1:
Good introduction to security issues including programming, threat modeling,
principle of least privilege, authentication, and privileges. Useful tips on
VS.NET development, deployment, and Windows auditing.
However, I felt that isolated storage, a new concept for many developers, should
be discussed at more length. It would also be helpful to have an overview of
uses of the user profile directory by modern applications and get the author's
opinion on why and how the isolated storage concept will affect these uses.
Keith cites Blind Man's Bluff (BMB) as saying that successful intelligence
gathering by the United States helped end the Cold War. This is contrary to the
widely held opinion that the Cold War ended because of the collapse of the
Soviet Union and not because of eavesdropping on an underwater cable 30 years
ago.
Chapter 2:
Excellent discussion of Windows Security with code examples on SID manipulation,
tokens and impersonation. Discussion of impersonation and null sessions is
especially useful.
Chapter 3:
The chapter starts with an explanation of role-based security and the
simplification it brings to server security administration. The author makes a
good point by stressing that role-based security is centered around the user
rather than a particular object.
Then the author discusses ACL-based security, which focuses on objects rather
than users. In item 41 the author makes an interesting point about object
ownership and how granting somebody full control may compromise the system.
Chapter 4:
Good explanation of how to configure authentication and impersonation in ASP.NET.
Chapter 5:
Keith explains how to add Windows Authentication and SSPI or Kerberos when
running .NET Remoting or Sockets - very useful information. The IPSEC discussion
is also helpful.
Chapter 6:
This chapter provides helpful tips on common security tasks. Deployment,
locking, login and logoff are useful subjects for many software developers.
I would have added a few things to this chapter:
1. Handling of server certificates, especially invalid ones. For a while, I have
been using the following code to handle invalid server certificates:
// This code appeared at a newsgroup
using System.Net;
using System.Security.Cryptography.X509Certificates;

// Problem codes passed to ICertificatePolicy.CheckValidationResult
public enum CertificateProblem : uint
{
    CertNOERROR = 0x00000000, // This is an unconfirmed assumption
    CertEXPIRED = 0x800B0101,
    CertVALIDITYPERIODNESTING = 0x800B0102,
    CertROLE = 0x800B0103,
    CertPATHLENCONST = 0x800B0104,
    CertCRITICAL = 0x800B0105,
    CertPURPOSE = 0x800B0106,
    CertISSUERCHAINING = 0x800B0107,
    CertMALFORMED = 0x800B0108,
    CertUNTRUSTEDROOT = 0x800B0109,
    CertCHAINING = 0x800B010A,
    CertREVOKED = 0x800B010C,
    CertUNTRUSTEDTESTROOT = 0x800B010D,
    CertREVOCATION_FAILURE = 0x800B010E,
    CertCN_NO_MATCH = 0x800B010F,
    CertWRONG_USAGE = 0x800B0110,
    CertUNTRUSTEDCA = 0x800B0112
}

public class OpenCertificatePolicy : System.Net.ICertificatePolicy
{
    public OpenCertificatePolicy() { }

    // Accepts every certificate, whatever value certificateProblem carries
    public bool CheckValidationResult(ServicePoint srvPoint, X509Certificate certificate,
        WebRequest request, int certificateProblem)
    {
        // ….
        // return true if testing with invalid certificate
        return true;
    }
}
2. ASP.NET security infrastructure, e.g. manifest verification
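A narrower alternative to the accept-all policy in item 1, as an added example that is not from the review or the book: it tolerates an untrusted root or a name mismatch only for one pinned test certificate on one test host and refuses every other problem. The host name and thumbprint are constructed placeholders, and the code assumes .NET Framework 2.0 or later, where ICertificatePolicy still compiles but is marked obsolete in favour of ServicePointManager.ServerCertificateValidationCallback.

```csharp
using System;
using System.Net;
using System.Security.Cryptography.X509Certificates;

// Added example. TestHost and TestCertSha1 are constructed placeholders.
public class PinnedTestCertificatePolicy : ICertificatePolicy
{
    private const string TestHost = "test.example.internal";
    private const string TestCertSha1 = "0000000000000000000000000000000000000000";

    // Problem codes taken from the CertificateProblem enum in the review.
    // Treating 0 as "no error" is the review's own unconfirmed assumption.
    private const uint CertNoError = 0x00000000;
    private const uint CertUntrustedRoot = 0x800B0109;
    private const uint CertCnNoMatch = 0x800B010F;

    public bool CheckValidationResult(ServicePoint srvPoint, X509Certificate certificate,
        WebRequest request, int certificateProblem)
    {
        uint problem = unchecked((uint)certificateProblem);
        if (problem == CertNoError)
            return true; // normal validation succeeded

        // Only the two problems a self-signed test certificate is expected to
        // raise are considered; expired, revoked, wrong-usage and the rest
        // are always refused.
        if (problem != CertUntrustedRoot && problem != CertCnNoMatch)
            return false;
        if (certificate == null || request == null)
            return false;

        // The exception applies to one host and one exact certificate.
        bool hostOk = String.Equals(request.RequestUri.Host, TestHost,
            StringComparison.OrdinalIgnoreCase);
        bool certOk = String.Equals(certificate.GetCertHashString(), TestCertSha1,
            StringComparison.OrdinalIgnoreCase);
        return hostOk && certOk;
    }

    // Installs the policy for all requests made by the process.
    public static void Install()
    {
        ServicePointManager.CertificatePolicy = new PinnedTestCertificatePolicy();
    }
}
```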
Copyright© 2004-2006 Aleksey Nudelman