The .Net Security Model


1
The .Net Security Model
(c) Allan C. Milne School of Computing Creative
Technologies University of Abertay Dundee
Last updated 26th July 2006
2
Agenda
  • The security system
  • Role-based security
  • Evidence-based security
  • Evidence permissions
  • Policy management

3
Introduction
  • In addition to type verification the CLR also
    implements a security model.
  • In this presentation we provide an overview of
    the security model adopted by the .Net Framework.
  • The technical details of the operation of the
    model are outwith the scope of this presentation.

4
The Security Model
  • The security system uses two models:
      • Role-based security, based on roles and
        identities.
      • Evidence-based security, based on the code, not
        the user executing the code.
  • Most aspects of the security system can be set by
    an administrator.

5
Role-Based Security
  • Similar to users and groups in the o/s.
  • Uses two abstractions:
      • Identity: represents the logical user.
      • Principal: representation of the roles belonging
        to the user.
  • Each thread has only one principal and each
    principal has one identity.

6
Evidence-Based Security
  • Assigns permissions to an assembly based on
    evidence.
  • The source location of the assembly is used as a
    primary factor in determining evidence.
  • Evidence determines the assembly's permission to
    use resources.

7
Outline Process
  • The CLR of the hosting environment attaches
    evidence to an assembly when it is loaded (either
    from the GAC, download cache or storage).
  • This evidence is then mapped onto a set of
    permissions.
  • These permissions determine access to specific
    resources.

8
Evidence
  • presented to the security system by the hosting
    environment includes:
      • zone (similar to that of IE)
      • URL
      • site
      • source directory
  • is matched against CLR policies to ascertain
    permissions for the assembly.

9
Permissions
  • represent authority to perform operations on
    resources.
  • can be:
      • granted when loading an assembly, or
      • demanded to check if permission has been granted
        for a resource.
  • are collected into sets that can be combined in
    various ways.

10
Policy Management
  • The creation of permission sets from evidence is
    performed by the policy manager.
  • This CLR component creates the permission set
    for the program by looking at policies set for
    different levels of the environment.
  • Policies can be set by an administrator or
    inspected and set programmatically.

11
Policy Levels
  • There are four policy levels:
      • Enterprise
      • Machine
      • User
      • Application domain
  • Each level produces a permission set and these
    are intersected to produce the permission set for
    the program.
  • A higher level can override the requirement for
    intersection of a lower level.

12
[Diagram labels: Policy Manager; The CLR (Common Language Runtime); Assembly; Permission Sets]
13
Stack Walks
  • This is an essential but expensive part of the
    security system.
  • When certain system resources are accessed a
    stack walk may be demanded.
  • This verifies that all calls in the call chain
    have appropriate permissions.

14
Activation Records
  • A new activation record is put on the stack every
    time a method is called.
  • An activation record contains parameters, return
    address, and local variables.
  • In a stack walk each activation record in the
    call chain is checked for appropriate permissions.
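
The policy-level intersection and the stack walk described above can be followed in a small model. This is an added example, not code from the presentation and not CLR code: a simplified Python simulation in which the zone names, permission names, assembly names and the `final` flag (standing in for a higher level overriding intersection with lower levels) are all constructed assumptions.

```python
from dataclasses import dataclass

LEVEL_ORDER = ["Enterprise", "Machine", "User", "AppDomain"]  # highest level first
EVERYTHING = {"FileIO", "UI", "Network"}                      # constructed permission names

# Constructed policy: per level, the permissions granted for each zone of evidence.
POLICY = {
    "Enterprise": {"MyComputer": {"grant": EVERYTHING}, "Internet": {"grant": EVERYTHING}},
    "Machine":    {"MyComputer": {"grant": EVERYTHING}, "Internet": {"grant": {"UI", "Network"}}},
    "User":       {"MyComputer": {"grant": EVERYTHING}, "Internet": {"grant": {"UI"}}},
    "AppDomain":  {"MyComputer": {"grant": EVERYTHING}, "Internet": {"grant": EVERYTHING}},
}

@dataclass(frozen=True)
class Assembly:
    name: str
    zone: str  # evidence attached at load time (only the zone is modelled here)

def resolve(assembly, policy):
    """Intersect the permission sets that each policy level grants for the evidence."""
    granted = None
    for level in LEVEL_ORDER:
        rule = policy[level].get(assembly.zone, {"grant": set()})  # unknown zone: nothing
        grant = set(rule["grant"])
        granted = grant if granted is None else granted & grant
        if rule.get("final"):  # model assumption: this level cuts off lower levels
            break
    return granted

def demand(permission, call_chain, policy):
    """Stack walk: every assembly in the call chain must hold the permission."""
    for frame in reversed(call_chain):  # start at the most recent activation record
        if permission not in resolve(frame, policy):
            return f"denied at {frame.name}"
    return "granted"

# Constructed assemblies: a trusted local library called by two different programs.
LIBRARY = Assembly("filelib.dll", "MyComputer")
LOCAL_APP = Assembly("local.exe", "MyComputer")
DOWNLOADED = Assembly("downloaded.dll", "Internet")

if __name__ == "__main__":
    print(sorted(resolve(DOWNLOADED, POLICY)))               # only what all levels allow
    print(demand("FileIO", [LOCAL_APP, LIBRARY], POLICY))    # whole chain is trusted
    print(demand("FileIO", [DOWNLOADED, LIBRARY], POLICY))   # caller lacks the permission
```

The last call shows why the stack walk matters: the library itself holds the file permission, but the demand fails because a less-trusted assembly is further up the call chain.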