ADO.NET 2.0 Security Guidelines
From Guidance Share
- J.D. Meier, Alex Mackman, Blaine Wastell, Prashant Bansode, Chaitanya Bijwe
Authentication
- If possible, use Windows authentication
- If you use SQL authentication, use strong passwords
- If you use SQL authentication, protect credentials over the network
- If you use SQL authentication, protect credentials in configuration files
- Consider which identity to use to connect to the database
Authorization
- Restrict unauthorized callers
- Restrict unauthorized code
- Restrict application access to the database
Code Access Security Considerations
- Use a Custom Policy if You Need to Access Non-SQL Server Databases from Partial Trust ASP.NET Applications
- Consider Restricting Database Access on Hosted Servers
- Do Not Rely on StrongNameIdentityPermission to Restrict Full Trust Callers
Configuration and Connection Strings
- Avoid credentials in connection strings
- Store encrypted connection strings in configuration files
- Do not use Persist Security Info='True' or 'Yes'
- Avoid connection strings constructed with user input
- Avoid Universal Data Link (UDL) files where possible
Exception Management
- Use finally blocks to make sure that database connections are closed
- Consider employing the Using statement to make sure that database connections are closed
- Avoid propagating ADO.NET exceptions to users
- In ASP.NET, use a generic error page
- Log ADO.NET exception details on the server
Input / Data Validation
- Use regular expressions to validate input by comparing against expected patterns
- If you use ASP.NET, use ASP.NET validator controls
- Do not rely on ASP.NET request validation
- Validate untrusted input passed to data access methods
Sensitive Data
- If you need to store sensitive data, encrypt it
- Protect sensitive data on the network
- Store hashes with salt instead of passwords
SQL Injection
- Constrain and sanitize input data
- Use type-safe SQL parameters for data access
- Avoid dynamic queries that accept untrusted input
- With dynamic SQL, use character escaping to handle special input characters
- Use an account that has restricted permissions in the database
Deployment Considerations
- Apply Firewall Restrictions and Make Sure that Only the Required Ports are Open
- Store Encrypted Connection Strings in the Web.config File
- Use a Least-Privileged Database Login
- Enable Database Auditing, and Log Failed Login Attempts
- Protect Data Privacy and Integrity over the Network
References
- See Security Guidelines: ADO.NET 2.0 at http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpag2/html/PAGGuidelines0002.asp