Sale!
Placeholder

Implementing Code Access Security For Mono

10,000 3,000

93 Pages | chapter 1-5 | PDF and Microsoft Format

Topic Description

Implementing Code Access Security For Mono

Summary/abstract
The .NET framework is a software development platformandexecution environment designedforthe Microsoft Windows operatingsystem. The framework provides auseful securitymodel namedCode Access Security, which places code into ‘sandboxes’ that maintain security, basedon a configurable local policy. I have addedthe equivalent of Code Access Securityto the Mono project, an open source implementation of the .NET platform. This document illustrates the motivation, development process, andevaluation of the system

Table of contents
Chapter 1: Introduction………………………………………………………………………………………………………………………………………… 1
1.0 Computer security………………………………………………………………………………………………………………………………….. 1
1.1 Microsoft .NET……………………………………………………………………………………………………………………………………… 1
1.2 Application development for .NET ………………………………………………………………………………………………………… 2
1.3 The Mono project ………………………………………………………………………………………………………………………………….. 2
1.4 Code Access Security……………………………………………………………………………………………………………………………… 3
Chapter 2: Project management…………………………………………………………………………………………………………………………… 5
2.0 Overview……………………………………………………………………………………………………………………………………………….. 5
2.1 Aim……………………………………………………………………………………………………………………………………………………….. 5
2.2 Objectives ……………………………………………………………………………………………………………………………………………… 5
2.3 Minimum requirements…………………………………………………………………………………………………………………………… 6
2.4 Further enhancements ……………………………………………………………………………………………………………………………. 6
2.5 Scheduling……………………………………………………………………………………………………………………………………………… 6
2.7 Problem owner and users……………………………………………………………………………………………………………………….. 7
2.8 Choice of software tools…………………………………………………………………………………………………………………………. 7
2.9 Software development methodology……………………………………………………………………………………………………….. 8
2.10 Methodology modifications…………………………………………………………………………………………………………………….. 9
2.11 Miscellaneous considerations…………………………………………………………………………………………………………………10
2.12 Deliverables…………………………………………………………………………………………………………………………………………..10
Chapter 3: The Microsoft implementation …………………………………………………………………………………………………………11
3.0 Overview………………………………………………………………………………………………………………………………………………11
3.1 Runtime environments…………………………………………………………………………………………………………………………..11
3.2 JIT compilation……………………………………………………………………………………………………………………………………..12
3.3 Managed code……………………………………………………………………………………………………………………………………….12
3.4 .NET assemblies and metadata………………………………………………………………………………………………………………13
3.5 Framework components………………………………………………………………………………………………………………………..13
3.6 .NET framework security………………………………………………………………………………………………………………………14
3.7 Role based and code access security……………………………………………………………………………………………………….14
3.8 Permission granting process…………………………………………………………………………………………………………………..15
3.8.1 Step 1: Collect evidence …………………………………………………………………………………………………………………….15
3.8.2 Step 2: Determine code group membership……………………………………………………………………………………….16
3.8.3 Step 3: Compute permission sets……………………………………………………………………………………………………….16
Implementing Code Access Security For Mono
iv
3.8.4 Step 4: Repeat for each policy level…………………………………………………………………………………………………….17
3.9 Security policy files………………………………………………………………………………………………………………………………..17
3.10 Runtime interaction……………………………………………………………………………………………………………………………….18
Chapter 4: Existing solutions………………………………………………………………………………………………………………………………22
4.0 Overview………………………………………………………………………………………………………………………………………………22
4.1 The Java security model…………………………………………………………………………………………………………………………22
4.2 Strengths of Java solution………………………………………………………………………………………………………………………24
Chapter 5: Requirements and Analysis……………………………………………………………………………………………………………….26
5.0 Overview………………………………………………………………………………………………………………………………………………26
5.1 System overview……………………………………………………………………………………………………………………………………26
5.2 Actor roles…………………………………………………………………………………………………………………………………………….27
5.3 Artifact: Use case model………………………………………………………………………………………………………………………..27
5.4 Artifact: Domain model…………………………………………………………………………………………………………………………28
5.5 Functional requirements………………………………………………………………………………………………………………………..28
5.6 Non functional requirements…………………………………………………………………………………………………………………30
5.7 Further enhancements …………………………………………………………………………………………………………………………..30
Chapter 6: Design………………………………………………………………………………………………………………………………………………..31
6.0 Overview………………………………………………………………………………………………………………………………………………31
6.1 Reverse engineering design…………………………………………………………………………………………………………………….31
6.2 Policy administration component …………………………………………………………………………………………………………..31
6.4 Policy checking component……………………………………………………………………………………………………………………32
6.5 Artifact: Complete class diagram……………………………………………………………………………………………………………32
Chapter 7: Implementation …………………………………………………………………………………………………………………………………34
7.0 Overview………………………………………………………………………………………………………………………………………………34
7.1 Unit tests and test driven development…………………………………………………………………………………………………..34
7.2 Overview by requirement

GET COMPLETE PROJECT