lect16

Net application domains assemblies of a net

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: ctive, ‘black and white’ security model, Restrictive, improved in later versions improved SY32 Secure Computing, Lecture 16 18 .NET Application Domains • Assemblies of a .NET application can be loaded Assemblies into different application domains application • Application domains are isolated from each Application other, communicating only via remoting remoting • Each application domain can be programmed Each with its own code access security policy with SY32 Secure Computing, Lecture 16 19 .NET Isolated Storage • Applications may need to have some persistent Applications state, but granting unrestricted access to hard disk is risky disk • Isolated storage provides areas of disk that are private to a given user & assembly private Virtual filesystem; no way of specifying a path to Virtual another store or rest of disk another Quotas can be imposed to prevent DoS SY32 Secure Computing, Lecture 16 20 Code Signing • IL code can be signed digitally by someone IL prepared to vouch for that code prepared • If signature can be verified, code may be If regarded as trusted, and be granted greater privileges privileges • Java supports signing of JAR files • .NET supports signing of assemblies To guarantee integrity & uniqueness (strong naming) To identify publisher (Authenticode) SY32 Secure Computing, Lecture 16 21 Signing Process Hash Bytecode Signed hash Bytecode Signed hash JAR JAR Signer's private key SY32 Secure Computing, Lecture 16 22 Signature Verification Process New hash Bytecode Signed hash Compare hashes Check signature Original hash JAR Signer's public key SY32 Secure Computing, Lecture 16 23 Summary • Java and .NET promote greater security in Java development and in code execution development • Correctness of compiled code can be verified Correctness before it executes before Implementations are not perfect Some system configuration may be required • Java and .NET restrict access that untrusted Java code has to other code, filesystem, network, etc code • Restrictions can be relaxed for signed code SY32 Secure Computing, Lecture 16 24...
View Full Document

Ask a homework question - tutors are online