Chapter 13. Implementing Security

Security is one of the subtlest aspects of distributed application design because it must be implemented at many different levels. When programmers talk about securing an application, they might be referring to any of the following:

  • Using authorization and authentication to ensure that users can perform only specific, allowed tasks

  • Filling coding holes that could enable a crafty attacker to read files or execute SQL statements beyond the intended permissions

  • Using encryption to encode information sent between application components

  • Using code access security to prevent malicious code from executing

  • Implementing some sort of licensing or copy protection to prevent users from redistributing the application without permission

In fact, these topics only scratch the surface of security, which includes everything from locking the server-room door to auditing program actions with a log (so suspicious behavior can be discovered and investigated). The real challenge with security is determining where the most significant vulnerabilities in an application are. No company has unlimited resources to tackle every possible security problem. For that reason, an experienced developer doesn't aim to make a perfectly invulnerable application, just one that's secure for all practical purposes. This means that the encryption used to protect information might not be unbreakable; it might just be strong enough that by the time the code is cracked, the information is no longer useful. Similarly, a distributed system might use ticket-based authentication with expiration dates, limiting the effect of a security breach to a single session. Therefore, when implementing security you have to start by deciding what level of security you need and what risks you're prepared to accept. A system that uses security to provide subscription access to news articles probably requires a lower level of security than one that handles information about financial transactions. Similarly, a system is only as strong as its weakest point. That means there's little point in perfecting an advanced encryption system if you're also in the habit of e-mailing user passwords to individuals in clear text.

This chapter explores some of the techniques you can use to secure remote components and XML Web services. We'll consider Microsoft Windows authentication and custom role-based authentication as well as the advantages and limitations of both approaches. We'll also delve into encryption with the Microsoft .NET Framework and explore how you can implement encryption on your own or acquire it for free with the Secure Sockets Layer (SSL) protocol. Finally, this chapter introduces the code access security model that's hard-wired into the common language runtime (CLR).



Microsoft® .NET Distributed Applications: Integrating XML Web Services and .NET Remoting (Pro-Developer)
ISBN: 0735619336
EAN: 2147483647
Year: 2005
Pages: 174
