RE: [Rainbowportal-devel] Security
Brought to you by:
danijel_kecman,
manudea
From: William F. <WF...@im...> - 2005-04-01 16:51:21
|
Go look at the security related enterprise library blocks. They have = everything we need even if you think they are slow. -----Original Message----- From: rai...@li... = [mailto:rai...@li...] On Behalf Of = Jonathan Minond Sent: Friday, April 01, 2005 12:16 AM To: rai...@li... Subject: RE: [Rainbowportal-devel] Security 1.6 is still .net 1.1 The permission system is like that of NTFS, ( we will still need to come = up with comfortable ui's and admins for this ) Modules are a good place to move to .net 2 Skins we prefer zen2...if we can can get it ;-) Also 1.1 although built with services in mind... and is still meant for browser. So NO thining the target market please :-) I don't think web = sites will become pass=E9 because of 2.0... personally I don't like installing = a bunch of things.... End users will not want to install programs just so = they can visit one site.. even if it is a rainbow site ;-) It is = unrealistic... at least in the near future. So you have to keep the solutions to things that function on browser. I don't know what you mean by c# running on the browser....client side? Unless you meant in a windows app. I have used javascript for encrypt/decrypt before, but as you said it's = a little bit limited.=20 If we are looking to encrypt content Items you mentioned TripleDES or Rijndael ... can you elaborate a little on the whole process of storing = the encrypted items in db We need super fast runtime encryption/decryption of the data. The data = still hits the client ( if approved content, since content ahs permissions, assuming all contnetn has default anonymous allowed, but portal admin = chose to encrypt data in db )...then this data can be served to anyone using = the proper channel... a module or whatever, just not hacking the DB... The other factor is that permissions are hierarchy, so we get big performance considerations there. You need to check things on=20 a) Portal -> page -> module -> ContentItem ( Then if module has = attachments) You have to continue checking all the attachments to make sure they have rights to see them. This could potentially become a long running strech = if we are not careful. -----Original Message----- From: rai...@li... [mailto:rai...@li...] On Behalf Of Jeffrey MRA Sent: Friday, April 01, 2005 9:49 AM To: rai...@li... Subject: RE: [Rainbowportal-devel] Security Read my last reply before this one please. ASP 2.0 has some very good features; are we talking about using any of = them or making new ones? I'd opted to roll my own if security is really and = issue and if you are going to spend a lot of CPU time then it better be. Now I have to look at two cases here so for argument sakes I'm going to assume that we talking about 1.6 and ASP 2.0 and make one rule; that = this is going to be a secure communication as we can for the effort; CPU time is = a premium it can make or break your site; load factors and farming all = factor in; I have an ideal solution I have used for years and it will work even better with ASP 2.0; Windows Applications... What this is a web site you say; ASP 2.0 makes Window apps live update feature so easy web sites my become posse; you simple write a Windows app to use your SQL server and = then all your CPU time is on the client end and the encryption isn't done via = a browser at all but in the Windows Application; this runs in Mono LAN so Linux users can breath again; even MAC will be able to run these new C# Window apps; in fact you can do the whole web site in a Windows app. Now the second case:=20 Encryption of large amounts of data is time consuming; keep in mind = there are many ways to do this; I still like the three key system; but with a twist from the last one I described; public is given to all authorized users; private is the users log on password and fixed is again for the portal. Client side decryption can be done using C# or JAVA script = (Limited) or signed JAVA classes (Expensive and Limited); I would use C# even = though you might limit your target base; always a trade off. Hash is out of the question for data content; TripleDES or Rijndael are both good; the = first is faster from my test but the second more secure. You hash the three keys together to make a password for the following. public static void Encrypt(string fileIn, string fileOut, string = password)=20 {=20 if (password =3D=3D null) return; if (password.Trim().Length =3D=3D 0) return; // First we are going to open the file streams=20 FileStream FileStreamIn =3D new FileStream(fileIn, FileMode.Open, FileAccess.Read);=20 FileStream FileStreamOut =3D new FileStream(fileOut, = FileMode.OpenOrCreate, FileAccess.Write);=20 // Then we are going to derive a Key and=20 // an IV from the Password and create an algorithm=20 PasswordDeriveBytes ThisPasswordDeriveByte =3D new PasswordDeriveBytes(password, new byte[] {0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76});=20 #if (UseTripleDES) TripleDES CryptoAlgorithm =3D TripleDES.Create();=20 CryptoAlgorithm.Key =3D ThisPasswordDeriveByte.GetBytes(16);=20 CryptoAlgorithm.IV =3D ThisPasswordDeriveByte.GetBytes(8);=20 #endif #if (UseRijndael) Rijndael CryptoAlgorithm =3D Rijndael.Create();=20 CryptoAlgorithm.Key =3D ThisPasswordDeriveByte.GetBytes(32);=20 CryptoAlgorithm.IV =3D ThisPasswordDeriveByte.GetBytes(16);=20 #endif // Now create a crypto stream through which we are going to be pumping = data. // Our fileOut is going to be receiving the encrypted bytes.=20 CryptoStream ThisCryptoStream =3D new CryptoStream(FileStreamOut, CryptoAlgorithm.CreateEncryptor(), CryptoStreamMode.Write);=20 // Now will will initialize a Buffer=20 // and will be processing the input file in chunks.=20 // This is done to avoid reading the whole file=20 // (which can be huge) into memory.=20 int BufferLen =3D 4096;=20 byte[] Buffer =3D new byte[BufferLen];=20 int BytesRead;=20 do=20 {=20 // read a chunk of data from the input file=20 BytesRead =3D FileStreamIn.Read(Buffer, 0, BufferLen);=20 // encrypt it=20 ThisCryptoStream.Write(Buffer, 0, BytesRead);=20 } while(BytesRead !=3D 0);=20 // close everything=20 // this will also close the unrelying FileStreamOut stream ThisCryptoStream.Close();=20 FileStreamIn.Close(); =20 } =20 =20 public static void Decrypt(string fileIn, string fileOut, string = password)=20 {=20 if (password =3D=3D null) return; if (password.Trim().Length =3D=3D 0) return; // First we are going to open the file streams=20 FileStream FileStreamIn =3D new FileStream(fileIn, FileMode.Open, FileAccess.Read);=20 FileStream FileStreamOut =3D new FileStream(fileOut, = FileMode.OpenOrCreate, FileAccess.Write);=20 // Then we are going to derive a Key and=20 // an IV from the Password and create an algorithm=20 PasswordDeriveBytes ThisPasswordDeriveByte =3D new PasswordDeriveBytes(password, new byte[] {0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76});=20 #if (UseTripleDES) TripleDES CryptoAlgorithm =3D TripleDES.Create();=20 CryptoAlgorithm.Key =3D ThisPasswordDeriveByte.GetBytes(16);=20 CryptoAlgorithm.IV =3D ThisPasswordDeriveByte.GetBytes(8);=20 #endif #if (UseRijndael) Rijndael CryptoAlgorithm =3D Rijndael.Create();=20 CryptoAlgorithm.Key =3D ThisPasswordDeriveByte.GetBytes(32);=20 CryptoAlgorithm.IV =3D ThisPasswordDeriveByte.GetBytes(16);=20 #endif // Now create a crypto stream through which we are going to be pumping = data. // Our fileOut is going to be receiving the Decrypted bytes.=20 CryptoStream ThisCryptoStream =3D new CryptoStream(FileStreamOut, CryptoAlgorithm.CreateDecryptor(), CryptoStreamMode.Write);=20 // Now will will initialize a Buffer=20 // and will be processing the input file in chunks.=20 // This is done to avoid reading the=20 // whole file (which can be huge) into memory.=20 int BufferLen =3D 4096;=20 byte[] Buffer =3D new byte[BufferLen];=20 int BytesRead;=20 do=20 {=20 // read a chunk of data from the input file=20 BytesRead =3D FileStreamIn.Read(Buffer, 0, BufferLen);=20 // Decrypt it=20 ThisCryptoStream.Write(Buffer, 0, BytesRead);=20 } while(BytesRead !=3D 0);=20 // close everything=20 ThisCryptoStream.Close(); // this will also close the unrelying FileStreamOut stream=20 FileStreamIn.Close(); =20 } I never tried this in a client code; but if C# code truly can run client side this should work; by the way these are very good functions I hope = you enjoy them as much as I did. As far as links go a search engine would drive me crazy answering a = question I already know; I could find worse sources of info and some might think better; but I say if it works good use it; it's simple and proven the = key is in the keys; three keys: public, private and fixed; how much more secure = to do need it? Jeff Flesher -----Original Message----- From: rai...@li... [mailto:rai...@li...] On Behalf Of Jonathan Minond Sent: Thursday, March 31, 2005 11:31 PM To: rai...@li... Subject: RE: [Rainbowportal-devel] Security Also... One of the plans in 1.6 is that almost everything is encryptable,=20 Meaning you can encrypt all your data from content not just passwords = :-) But this is all server side so far....=20 Can you provide some links on acceptable 2 way hash solutions? -----Original Message----- From: rai...@li... [mailto:rai...@li...] On Behalf Of Jeffrey MRA Sent: Friday, April 01, 2005 4:21 AM To: rai...@li... Subject: RE: [Rainbowportal-devel] Security I don't agree with it being a performance issue; we are talking about = one field here; not many users have passwords with more than 10 characters; = what are we talking about is microseconds of computer CPU time. There is no software to install with the function I included; nor is there a reason = to use or offer to use more than one option for encryption; overkill.=20 As far as changing the database; it is not need; check to see if the password is in clear text; if so use it; if not then use the encryption method; keep it simple (KISS). This is not rocket science it's the = ability to encrypt passwords to make a secure or more secure system.=20 I will also disagree as that sending password reminder is a good thing; = it's not; in fact it is a serious security birch; at least with a password = reset you can add a traceable element to the transaction; keep in mind if = someone stills your email and than ask for a password and as is you just hand it out; this happens all the time; I know that not to long ago someone here = had their email stolen; now what if they used it to hack his web site?=20 I believe fully in security and all I'm suggesting is the bare minimum; = but your right; we need to explore all options and let everyone let there = option known; I value your option but I ask you to error on the side of good judgment; in other words come up with a good argument. Ask yourself what = you think a customer wants; as programmers we some things get myopic and = can't see the obvious; if this is an e-commerce site (and I think it is or can = be) then where is the security? I can come up with far too many arguments = for security and none for not having any; that's just my option and all most = 30 years as a computer programmer.=20 Jeff Flesher -----Original Message----- From: rai...@li... [mailto:rai...@li...] On Behalf Of Jonathan Minond Sent: Thursday, March 31, 2005 2:24 PM To: rai...@li... Subject: RE: [Rainbowportal-devel] Security Would that not require end users to install extra things beyond a = browser? Like an email client with that supports is, or some way to manage the = key? Seems like it gets complicated. Maybe something to consider as one of = the options for 1.6. We can technically offer sever options, that are Site = or Portal admin defined.=20 As a default for the application I wouldn't suggest it. I suggest = default is simple hash with a new password generator. Then a user can log in and = edit their profile and password again. Why don't we get a list of the options? And then maybe we can start = looking at how to handle this. We also don't want to go to crazy... letting = people have so many options. I think standard are=20 Clear text MD5 SHA128 SHA256 SHA512 Etc... Anything over 256 is already costing a lot performance wise, but I = suppose if you want to potentially have rainbow support enterprise, and economic type systems you need to offer high end...=20 I don't think any of this is a rush decisions, but we should get a list = of options that people agree rb should support. My opinion is that we = should not force end users to rely much on extra things beyond the browser as = far as core features are concerned. - Jonathan -----Original Message----- From: rai...@li... [mailto:rai...@li...] On Behalf Of = Pekka Ylenius Sent: Thursday, March 31, 2005 10:34 PM To: rai...@li... Subject: RE: [Rainbowportal-devel] Security How about 2way encryption... It is possible to return password but it is not clear text. -----Original Message----- From: "Jonathan Minond" <jon...@jo...> To: <rai...@li...> Date: Thu, 31 Mar 2005 21:16:29 +0200 Subject: RE: [Rainbowportal-devel] Security > Clear text offeres >=20 > 1) password remindes >=20 > 2) Less security =3D more performance >=20 > =20 >=20 > The more you hash and secure things, the slower they will be. however > this > is not sucha worry for just logins. >=20 > And instead of password reminder you can offer a "Generate new > password" > feature. >=20 > =20 >=20 > The problem with just implementing this into 1.5.. its no so > straightforward, you need to fix data for existing passwords as well. >=20 > =20 >=20 > - Jonathan ------------------------------------------------------- This SF.net email is sponsored by Demarc: A global provider of Threat Management Solutions. Download our HomeAdmin security software for free today! http://www.demarc.com/info/Sentarus/hamr30 _______________________________________________ Rainbowportal-devel mailing list Rai...@li... https://lists.sourceforge.net/lists/listinfo/rainbowportal-devel ------------------------------------------------------- This SF.net email is sponsored by Demarc: A global provider of Threat Management Solutions. Download our HomeAdmin security software for free today! http://www.demarc.com/info/Sentarus/hamr30 _______________________________________________ Rainbowportal-devel mailing list Rai...@li... https://lists.sourceforge.net/lists/listinfo/rainbowportal-devel ------------------------------------------------------- This SF.net email is sponsored by Demarc: A global provider of Threat Management Solutions. Download our HomeAdmin security software for free today! http://www.demarc.com/info/Sentarus/hamr30 _______________________________________________ Rainbowportal-devel mailing list Rai...@li... https://lists.sourceforge.net/lists/listinfo/rainbowportal-devel ------------------------------------------------------- This SF.net email is sponsored by Demarc: A global provider of Threat Management Solutions. Download our HomeAdmin security software for free today! http://www.demarc.com/info/Sentarus/hamr30 _______________________________________________ Rainbowportal-devel mailing list Rai...@li... https://lists.sourceforge.net/lists/listinfo/rainbowportal-devel ------------------------------------------------------- This SF.net email is sponsored by Demarc: A global provider of Threat Management Solutions. Download our HomeAdmin security software for free today! http://www.demarc.com/info/Sentarus/hamr30 _______________________________________________ Rainbowportal-devel mailing list Rai...@li... https://lists.sourceforge.net/lists/listinfo/rainbowportal-devel ------------------------------------------------------- This SF.net email is sponsored by Demarc: A global provider of Threat Management Solutions. Download our HomeAdmin security software for free today! http://www.demarc.com/info/Sentarus/hamr30 _______________________________________________ Rainbowportal-devel mailing list Rai...@li... https://lists.sourceforge.net/lists/listinfo/rainbowportal-devel |