.NET Training Overview
This three-day course provides a foundation in the various security APIs contained within the .NET 2.0 base class libraries. The course begins by examining how strong naming, obfuscation and digital certificates can prevent others from tampering with and modifying the content within a .NET assembly. The course then addresses the role of one-way encryption using hash algorithms as well as symmetrical and asymmetrical cryptographic services. This class will also examine the use of Role Based Security and Code Access Security to assign identities and permissions to users and executing assemblies. The course wraps up by examining numerous topics regarding securing ASP.NET web applications and XML web services.
.NET Training Audience
Programmers interested in learning about .NET security features and options.
.NET Training Prerequisites
Programming experience in .NET is required.
.NET Training Course duration
3 days
.NET Training Course outline
Assemblies as a Security Boundary
- Reviewing the .NET Assembly Format
- Single File versus Multi-File Assemblies
- Understanding .NET Application Domains
- Assembly Security Threats and Various Countermeasures
- Understanding ‘Roundtrip Engineering’
- Disassembling an Assembly using Ildasm.exe
- Compiling CIL Code using Ilasm.exe
- Securing an Assembly using Strong Naming
- Strong names as a .NET Identity
- The Role of Publisher Certificates
- The Role of Obfuscation
- The Role of the FxCop.exe utility
Understanding the Role of Hash Algorithms
- Understanding the Role of Cryptography
- Getting to Know Bob, Alice and Eve
- Defining Hashing Algorithms and Hash Codes
- A High Level Examination of Hash Code Theory
- The .NET Hash Code Algorithms
- The HashAlgorithm Base Class Functionality
- HashAlgorithm Derived Types
- Creating a Hash Algorithm Type
- Hashing Data Programmatically
- Generating Hash Codes from Streamed Data
- Validating Hash Codes Programmatically
- Understanding Keyed Hashing Algorithms
Understanding .NET Cryptographic Services
- The Role of Encryption
- Plaintext, Ciphertext and Cipher Functions
- Modes of Cipher Operation
- Understanding the Electronic Codebook (ECB) Mode
- Understanding the Cipher Block Chaining (CBC) Mode
- Understanding the Cipher Feedback (CFB) Mode
- Block Padding
- The .NET Symmetrical Encryption Algorithms
- The SymmetricAlgorithm Base Class Functionality
- SymmetricAlgorithm Derived Types
- Creating an Algorithm Type
- The ICryptoTransform and CryptoStream Types
- Symmetrically Encrypting Data to Memory
- Decrypting Data Symmetrically
- Symmetrically Encrypting Data to File
- Understanding Asymmetric Encryption
- An Overview of .NET’s Asymmetrical Encryption Services
- Asymmetrically Encrypting and Decrypting Data
- Importing and Exporting Parameters
- Expressing Key Data via XML
Understanding Role Based Security (RBS)
- Defining Role Based Security
- Establishing Users, Groups and Roles
- Understanding the Role of Principals
- The System.Security.Principal.WindowsPrincipal Type
- The System.Security.Principal.WindowsIdentity Type
- Obtaining the Current Principal
- Programming Choices with RBS
- The PrincipalPermission Type
- Declarative RBS
An Introduction to Code Access Security
- The Role of Code Access Security
- The Building Blocks of CAS
- Administration of CAS
- Investigating the Core Default Code Groups
- Investigating the Core Named Permission Sets
- Common Applications of CAS
- The Role of Evidence
- The System.Security.Policy.Evidence Type
- Programmatically Evaluating Evidence
- Working with Evidence Programmatically
- Understanding CAS Permission Objects
- Requesting Permission Preferences
- Viewing Advertised Permissions
- Working with Permission Sets
- Programmatic Code Access Security (CAS)
Understanding Isolated Storage
- The Role of Isolated Storage
- Locating Isolated Storage
- Isolation Levels
- The System.IO.IsolatedStorage Namespace
- The IsolatedStorageFile Type
- Gaining Access to a User’s Store
- Writing Data Files to a Store
- Reading Data from Files
- Administering Isolated Storage Using storeadm.exe
- Programmatically Manipulating Isolated Storage
- Enumerating Existing Storage
- Deleting Existing Stores
- Creating New Directories and Files
- Finding Existing Files and Directories
- Deleting Directories and Files
Securing an ASP.NET Web Site
- Security Options for ASP.NET Web Applications
- The Architecture of ASP.NET Security
- Configuring IIS Authentication
- Configuring SSL under IIS
- The ASPNET User Account
- Understanding the ASP.NET Pipeline
- The Role of the machine.config File
- The Role of the web.config File
- Configuration Inheritance
- ASP.NET Authentication Options
- Understanding Windows Based Authentication
- Configuring Windows Authentication
- Understanding ASP.NET Forms Based Authentication
- ASP.NET Authorization Syntax
- A Complete Forms Authentication Walkthrough
- Defining Known Users in a <credentials> Element
- Establishing Custom Forms Authentication
- The FormsAuthentication Type
- ASP.NET Cookieless Authentication
- ASP.NET 2.0 Authentication Enhancements
- The Role of the ASPNETDB.MDF Database
- Configuring the Provider via the web.config File
- Working with the Membership Provider API
- Adding New Members
- The MembershipUser Type
- The ASP.NET Security Controls
- Working with the Login Control
- The LoginStatus Control
- The LoginName Control
- The PasswordRecovery Control
- The ChangePassword Control
- The CreateUserWizard Control
Securing XML Web Services Using WSE 3.0
- Reviewing the Atoms of XML Web Services
- An Overview of Web Services Enhancements (WSE) 3.0
- Obtaining and Installing WSE 3.0
- Investigating the Microsoft.Web.Services3.dll Assembly
- The WSE 3.0 Runtime
- Interacting with WSE within an XML Web Service
- Interacting with WSE on the Client
- The Microsoft.Web.Services3.SoapContext Type
- Understanding the Role of WS-Security
- Caller Authentication Using WSE 3.0
- Authentication: Building the XML Web Service
- Authentication: Building the Client