Focus on Microsoft Technologies - Tutorials, Articles, Code Samples.

Friday, August 25, 2006

ASP.NET Security Issues by Microsoft

Security versus Ease of Access
There are lots of different types of Web sites with varying security needs. Some Web sites (search engines, for example) collect no information about their users, and publish data that is widely available. These sites don't have much to lose by having a rather open security policy, and they try to make their sites as easy to use as possible. Other sites (online banking sites, for example) may collect demographics, credit card numbers, and other personal information from their customers in order to provide their services. These Web sites need much stronger security policies. They have sensitive data, and thus their users must jump through a few more hoops to avoid opening security holes. Forcing users to view portions of a site via Secure Sockets Layer (SSL), for instance, puts a much greater load on the Web server, and this ultimately increases latency for each individual user. SSL sessions are very expensive to establish.
It's important to note that just because a search engine doesn't deal in personal or proprietary information, it cannot simply ignore security. There are many individuals and organizations that pride themselves on being able to successfully attack popular Web sites or sites that they find offensive. Consider the myriad of government Web sites whose main pages have been replaced wholesale by an attacker, as well as the distributed denial of service (DDoS) attacks against many Fortune 500 companies.
Anyone developing a public Web site today really needs to have a strategy for protecting their site from digital terrorists. In order to even begin developing this sort of strategy, you must first understand how the underlying platform works. With this in mind, I'll start by explaining how ASP .NET applications are hosted on the server, and discuss some server-side settings that you can use to protect your site. As I write this, the .NET platform is in its second beta. Things may change a bit by the time the platform is released.
As a security-conscious developer, you should care what security context your code runs in. Contrary to what many developers would like to believe, it's always best to run your code with the least amount of privileges possible. This is called the Principal of Least Privilege, and even the most well-intentioned developer should stick to it because none of us are perfect. Always remember that a bad guy can exploit many, if not all, bugs in your application. Running with only the privileges you absolutely need allows the operating system to do its job and protect you from your own imperfect code. So one of the first things I'll ferret out is what security context your ASP .NET application runs in.

ASP.NET Security Issues By Microsoft

Post a Comment