The development of the Web has contributed to the growth of Internet learning and online exams, yet Internet and online exams have not been extensively adopted. An Internet-based exam is defined in this project as one that takes place over the insecure public web, with no proctor in the same place as the examinees. This project proposes an improved, secure Internet exam environment mediated by group cryptography methods together with remote monitoring and control of ports and input devices. The target domain of this project is Internet exams for any subject at any level of education, as well as exams in online university courses with students at different locations. The project proposes a straightforward solution to the problem of security and cheating in online exams: an enhanced online-exam security system based on group cryptography combined with e-monitoring methods.
Existing System
Various dishonest patterns exist in current arrangements, including copying the answers of others, exchanging answers, searching the web for answers, using information and software saved on the student's computer, and discussing the exam by e-mail, phone, instant messaging, ZigBee devices, etc.
Disadvantages
1) The amount of contact between teachers and students decreases.
2) The tendency of students to copy and cheat in online exams increases.
3) The system must rely on the students' sincerity and honesty, or on their having an honor code.
Proposed System
The project introduces a solution to the problem of security and cheating in web-based exams. The solution uses an enhanced online-exam security system based on group cryptography combined with e-monitoring methods. The cryptography provides stronger security for the web exam process, including authentication and integrity. The e-monitoring provides a proctor role for examinees at different locations to prevent copying and cheating in Internet-based examination systems, and thus removes the requirement of travelling to a fixed location. The target of this project is web-based exams of any type, and exams in online university courses with students at different locations. The project administers an Internet-based examination at a fixed time with the same questions for all examinees, just like an offline exam, but without restricting the physical location of the examinees. The system enables many kinds of tests to be given online, gives teachers better evaluation criteria for students, and may contribute to improving the quality of education.
Advantages
1) A web-based exam management system with monitoring methods to prevent and detect cheating and copying.
2) Independence from location and time.
3) Protection against interception of, or interference with, communications during an exam conducted over the web.
RAM: 512 MB
Administrator: In this module the Administrator has the task of managing the information about the examiners, proctors and students applying for the exams through the internet. He can also add, update or delete the information about the examination centers and the candidates accessing the exams, and generate keys using asymmetric algorithms. He also schedules the information about the question papers in the database; question papers are uploaded by different types of examiners, and he can also add the marks for the students after completion of their exams. Here key management plays a vital role in providing security and safety to the online examination process. The Admin will encrypt the answers uploaded by the examiners who are preparing online exams using the AES algorithm.

Key Generation: In this module the Admin has the task of scheduling the information about the exams and of generating keys on the requested schedule; for this we use group key generator based algorithms. In this application this module also plays the role of identifying the student attending the exam using photo comparison, and is able to monitor the systems where students access the online examination application by a desktop capturing mechanism.

In this module the student can check the information provided by the administrator, namely the public and private keys. By using the keys he is able to log in to the exam window and can answer the questions. Immediately after the exam starts, a video conference between examiners and students is used to identify the behaviour of the students, and images are captured every 2 to 3 seconds in order to verify the genuineness of the student at the time of results. All the USB ports of the CPU are disabled in order to avoid copying of answers from third-party devices. An interface is developed in such a way that it prevents access to the keyboard and other menus of the operating system.

Results and Reports: This module contains all the information about the results generated by the Administrator and allots rank cards to the students based on their behaviour and performance during the online examination. The Admin can generate reports based on the grades allotted by the online examination system.

Video Conference and Desktop Capturing: This module contains all the information about the video conference between student and examiner. These 2 modules will be automatically initialized immediately after starting up the application (Online Examination system); a live video of the student will be telecast and saved to the student database on the server. The events and behaviour of the student during the online exam process
Research Methods:
1. Logging: the client registers his/her personal data (login, password)
   a. confirmation takes place after submitting the data
   b. an authentication error is signalled by a fault message
   c. if authentication doesn't return an error, the user is allowed into the system
2. Managing students (called by the examiner)
   a. the inspector adds, removes and modifies student data
   b. if the examiner did not insert the required data (login, password, and the image that will be uploaded to the server database at the time of registration), the system returns an error message
   c. if the data is registered and the user enters all the information correctly, an acceptance message is shown
3. Preparing exams
   a. the examiner is permitted to decide the categories and number of questions for an individual exam
   b. the examiner adds the proportion of correct answers (in %) required to pass the exam; the answers entered by the examiner are encrypted using the AES/DES algorithm to protect them from hackers or intruders
   c. the examiner sets the time and schedule of the exam
4. Activating the exam
   a. the examiner activates the exam using a public and private key generated by the examiners so that students can run it
5. Managing questions
   a. the examiner adds, edits and removes questions and categories
   b. he can also assign questions to categories
6. Viewing results
   a. the examiner can view condensed results of all students that have taken this test
   b. after clicking one student's login he can enter "Viewing personal FeedBack"
7. Viewing personal FeedBack
   a. the user is allowed to view the exam results of one student
   b. the examiner can view the results of each student at any time
   c. the student can see the results of the exam only once, just after passing the exam
8. Running the test
   a. the student chooses one of the available exams, from which a personalized test with random questions is created
   b. after the student finishes the test, its results and questions are saved in the exam
   c. the video conference module is added to monitor the student from distinct places
   d. the desktop capturing mechanism helps in capturing the events and actions performed by the users or students during the examination process
   e. USB is disabled and enabled automatically immediately after the examination starts

Initial Literature Review: Electronic monitoring has recently come into use, and eventual widespread acceptance, for assessing students in a variety of classes. In this project, we examine the impacts, connected challenges and security lapses of the existing electronic examination structure, with the aim of improving it and developing a new, satisfactory e-Exam system that takes care of the existing system's challenges and security lapses. Students that participated in the online exams were chosen for interview and questionnaire. Based on the examination of the interviews and study of the existing electronic online test and examination system, some anomalies were exposed and a new e-exam system was developed to eliminate these anomalies. The new system uses data encryption in order to protect the questions sent to the e-Examination center through the internet or intranet, and video conference based devices are connected to avoid cheating in the online examination process. Online examination has received a great deal of attention and is appropriate in both learning and educational aspects. The best method to evaluate the ability and knowledge of an individual is through an examination process. To this end, various methods have been used in examining the capability of a person, starting from manual means using paper and pencil to electronic, from spoken to written, practical to theoretical and many others. The current information technology way of examining students is the use of electronic systems in place of the manual or paper technique, which was characterized by huge examination leakages, impersonation, demands for favours by teachers, and bribe-taking by supervisors and invigilators of examinations. There is a rising body of investigation focused on developing improved ways to supervise e-exam methods and e-learning systems. Some of this research focused on a variety of sections of the system, and these include: Schramm looked at an e-learning web-based system that could simply offer and grade mathematical questions with infinite patience. Therefore it needs the ability for input and output of numerical formulas, the dynamic generation of plots and the generation of random words and statistics. This is a web-based online examination scheme; the system carries out the test and auto-grading for students' exams. The system facilitates conducting exams, collection of answers, auto-marking the submissions and production of reports for the exam. It supports many kinds of queries. It was used online and is therefore suitable for both local and distant examination. The system could assist lecturers, instructors, teachers and others who are prepared to create new exams or edit existing ones, as well as students participating in the exams.
Literature Survey:
Fraud and Cheating control: This research is a case study that describes the researchers' attempts to detect and stop fraud and cheating on their web-based exams. They present details of their efforts to decrease both the probability and the impact of cheating on-line. Suggestions are offered that are intended to provide direction for others wishing to pursue web-based online exams in their classes. Over the past several years, a number of academics have espoused the value of using on-line exams in classes as opposed to the face-to-face paper exams that are traditionally given in the college classroom. Most often, on-line exams are used in conjunction with a distance-learning course where all the course material is administered on-line. Theoretically, however, many of the benefits associated with using online exams in a distance e-learning course should also be present if on-line exams are used in a more traditional course. This paper used on-line exams in just that style. We teach separate sections of courses that meet face-to-face twice a week, and decided to explore the possibility of administering web-based online exams to our learners on-line. The possible benefits of doing this are many and include increased grading accuracy, minimized grading time, and instant feedback for students. Possibly even more importantly, web-based internet exams can free up time in class to pursue other learning activities. In most classes, the time available always seems to run out before all of the core material has been covered. If exams are taken out of the classroom and administered over the web, many instructors would find four or more extra class sessions in which they could cover additional material. Or, they may wish to cover the same amount of material, but in greater depth.
As this paper will show, we realized all of these benefits and more when administering our exams over the web.
While we are very pleased with our first experience, an irritating question persisted. Namely, we were concerned that students may have been cheating on the exams, and that the cheating may have been widespread. As such, we took a number of steps to try to detect any cheating on the web-based exams. In addition, we took a number of steps to try to minimize the impact of whatever cheating did occur but was not detected. In the sections that follow, we will first describe our course and learning environment in detail. Additionally, we will document many of the ways that students could potentially cheat on on-line exams. Furthermore, we will outline the specific steps we took to detect it and minimize its impact. To conclude, we will share some of our positive experiences with on-line testing in general, and will outline additional steps we plan to take in the future to improve its effectiveness in the classroom. Before describing the various means of cheating on the exam, it is important for us to discuss our testing protocol so that it is clear what students are and are not allowed to do. At the beginning of every exam, we include a paragraph that reads in part, "This is not an open book or open notes exam. This exam is to be taken during the allotted time period without the aid of books, notes, or other students. You have approximately 45 seconds per question to complete this exam. This exam must be taken on-line from start to finish. Do not download it to take it or distribute it to anyone. The statistics feature of Oncourse will monitor and report how you take this exam." We also verbally announce this statement in class prior to each exam and answer any questions students might have with regard to what is and is not allowed on the exam.
As such, we have identified the following potential ways to cheat on our on-line exams: having someone other than the student take the exam; exceeding the posted time limit; collaborating with others during the exam; downloading or distributing the exam to others; using material that is not allowed (textbook or class notes). Identifying the possible means of compromising the integrity of the exam was an important first step, but it was only a first step. After devising this list, we then set out to try to detect whether or not cheating occurred.

STEPS TO MINIMIZE THE IMPACT OF CHEATING

Some of the ways we minimize the impact of cheating rely on the same tools we use to detect it, as outlined in the previous section. For instance, timing the exam helps lessen the opportunity that students have to use inappropriate material. If our exams had no time limit, the temptation to avoid studying and rely instead on looking up answers during the exam would be greater. By providing only forty-five seconds per question, we limit the students' ability to engage in this. We also tend to ask lengthy, application-based questions. These questions take more time to process and are more difficult to look up in the textbook because the answers require a synthesis of information as opposed to a simple recitation of a fact. While we could take this one step further and require essay questions, we have not pursued that yet, but may do so in the future. Timing the tests also makes it more difficult for students to collaborate during the exam. We add a further level of difficulty to any attempt at collaboration by scrambling the order of the test questions on each exam. This prevents students from simply asking each other the answer to question six, for example, because the question order will be different on each exam. In a similar vein, we also take steps to minimize the likelihood that someone other than the student is taking the exam. One of the primary ways we do this is to have multiple assignments due during the course of the semester. In a typical semester, each student will need to submit over twenty separate assignments on-line. Although it may be relatively easy for them to get help on one of them or even a few of them, it will be considerably tougher and/or more costly to find someone willing to complete every on-line activity for them. Yet another way we minimize the impact of collaboration is to require a cumulative, face-to-face final exam at the end of the semester. This exam is weighted more heavily than the other exams and has a pronounced impact on the students' final grades. If they have not been keeping up with the material throughout the semester (i.e., they have had someone else doing their work), they are very likely to fail the final exam. If they fail the final, it carries enough points that they are unlikely to get an A or a B in the course regardless of how well they did on any other assignment. All told, these steps help us minimize the impact that cheating has in our classroom. While we certainly have not eradicated its occurrence, we suggest that totally eliminating it is not likely on any exam, face-to-face or on-line. Instead, these steps have allowed us to lessen the likelihood of cheating and also lessen the temptation for students to cheat. This has allowed us to realize many benefits in the classroom that we would not have had if we had given our exams in the traditional manner.
OVERALL ASSESSMENT OF ON-LINE EXAMS

Overall, we are quite pleased with the impact that using on-line exams has had in our classes. By using this method, we have freed up three entire class periods' worth of time. We have used this time to have class discussions that were more in-depth and focused than time normally allowed. We have also been able to add more group activities and experiences that require students to take some of the theoretical concepts we discuss in class and apply them to their personal lives. Student satisfaction with this approach has been high. Not only do the students enjoy the flexibility of taking the exams at a time that is convenient for them, they also report learning more in the classroom. Because we are able to use experiential exercises in class that we did not have time to use before, they also report greater satisfaction with the material. It is more meaningful to them because they have internalized more of it. This would be more difficult to accomplish if we were not able to free up class time by using on-line exams. On-line exams would not be possible if we did not have cheating under control. By taking the steps we have to detect cheating and minimize its impact, we have been able to take class exams out of the classroom and have had a more rewarding classroom experience for our students. We are very encouraged by the initial results.

FUTURE STEPS

While this study does help provide some insight as to how to detect cheating and minimize its impact, the work in this area is just beginning. As more and more academics decide to explore the possibility of using this form of testing, additional steps need to be taken to ensure that cheating is minimized. As such, it is important that further research be devoted to this crucial topic. One area ripe for further exploration is to undertake additional steps to enhance the testing protocol that is used. As an example, some schools have reported success in having students formally sign honor codes before taking exams. It may be beneficial to see what impact this might have in an online testing environment. Another potentially promising area that we plan to explore is to look at whether or not student personality characteristics might influence their propensity to cheat. We are currently collecting data on such variables as student self-efficacy and self-esteem to see whether or not there might be a significant relationship between them and subsequent cheating on exams. To conclude, we encourage other instructors to engage in this field of research. The benefits of using online exams are numerous, but until teachers and administrators can be reasonably assured that cheating is not rampant, they will not be fully utilized in the classroom and many of these benefits will go unrealized. By continuing to explore the topic of cheating on online exams, the problem can be further minimized and the general classroom experience can be enhanced.
Group Cryptography:
Exam Groups:
Algorithms:
The DES (Data Encryption Standard) algorithm is the most widely used encryption algorithm in the world. For many years, and among many people, "secret code making" and DES have been synonymous. And despite the recent coup by the Electronic Frontier Foundation in creating a $220,000 machine to crack DES-encrypted messages, DES will live on in government and banking for years to come through a life-extending version called "triple-DES." How does DES work? This article explains the various steps involved in DES encryption, illustrating each step by means of a simple example. Since the creation of DES, many other algorithms (recipes for changing data) have emerged which are based on design principles similar to DES. Once you understand the basic transformations that take place in DES, you will find it easy to follow the steps involved in these more recent algorithms. But first a bit of history of how DES came about is appropriate, as well as a look toward the future.
the 2^64 (read this as: "2 to the 64th power") possible arrangements of 64 bits, each of which may be either 0 or 1. Each block of 64 bits is divided into two blocks of 32 bits each, a left half block L and a right half block R. (This division is only used in certain operations.)

Example: Let M be the plain text message M = 0123456789ABCDEF, where M is in hexadecimal (base 16) format. Rewriting M in binary format, we get the 64-bit block of text:

M = 0000 0001 0010 0011 0100 0101 0110 0111 1000 1001 1010 1011 1100 1101 1110 1111
L = 0000 0001 0010 0011 0100 0101 0110 0111
R = 1000 1001 1010 1011 1100 1101 1110 1111

The first bit of M is "0". The last bit is "1". We read from left to right.

DES operates on the 64-bit blocks using key sizes of 56 bits. The keys are actually stored as being 64 bits long, but every 8th bit in the key is not used (i.e. bits numbered 8, 16, 24, 32, 40, 48, 56, and 64). However, we will nevertheless number the bits from 1 to 64, going left to right, in the following calculations. But, as you will see, the eight bits just mentioned get eliminated when we create subkeys.

Example: Let K be the hexadecimal key K = 133457799BBCDFF1. This gives us as the binary key (setting 1 = 0001, 3 = 0011, etc., and grouping together every eight bits, of which the last one in each group will be unused):

K = 00010011 00110100 01010111 01111001 10011011 10111100 11011111 11110001

The DES algorithm uses the following steps:
PC-1
57 49 41 33 25 17  9
 1 58 50 42 34 26 18
10  2 59 51 43 35 27
19 11  3 60 52 44 36
63 55 47 39 31 23 15
 7 62 54 46 38 30 22
14  6 61 53 45 37 29
21 13  5 28 20 12  4
Example: From the original 64-bit key

K = 00010011 00110100 01010111 01111001 10011011 10111100 11011111 11110001

we get the 56-bit permutation

K+ = 1111000 0110011 0010101 0101111 0101010 1011001 1001111 0001111

Next, split this key into left and right halves, C0 and D0, where each half has 28 bits.

Example: From the permuted key K+, we get

C0 = 1111000 0110011 0010101 0101111
D0 = 0101010 1011001 1001111 0001111

With C0 and D0 defined, we now create sixteen blocks Cn and Dn, 1 <= n <= 16. Each pair of blocks Cn and Dn is formed from the previous pair Cn-1 and Dn-1, respectively, for n = 1, 2, ..., 16, using the following schedule of "left shifts" of the previous block. To do a left shift, move each bit one place to the left, except for the first bit, which is cycled to the end of the block.
Iteration Number      1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
Number of Left Shifts 1 1 2 2 2 2 2 2 1  2  2  2  2  2  2  1
This means, for example, C3 and D3 are obtained from C2 and D2, respectively, by two left shifts, and C16 and D16 are obtained from C15 and D15, respectively, by one left shift. In all cases, by a single left shift is meant a rotation of the bits one place to the left, so that after one left shift the bits in the 28 positions are the bits that were previously in positions 2, 3, ..., 28, 1.

Example: From the original pair C0 and D0 we obtain:

C0 = 1111000011001100101010101111   D0 = 0101010101100110011110001111
C1 = 1110000110011001010101011111   D1 = 1010101011001100111100011110
C2 = 1100001100110010101010111111   D2 = 0101010110011001111000111101
C3 = 0000110011001010101011111111   D3 = 0101011001100111100011110101
C4 = 0011001100101010101111111100   D4 = 0101100110011110001111010101
C5 = 1100110010101010111111110000   D5 = 0110011001111000111101010101
C6 = 0011001010101011111111000011   D6 = 1001100111100011110101010101
C7 = 1100101010101111111100001100   D7 = 0110011110001111010101010110
C8 = 0010101010111111110000110011   D8 = 1001111000111101010101011001
C9 = 0101010101111111100001100110   D9 = 0011110001111010101010110011
C10 = 0101010111111110000110011001  D10 = 1111000111101010101011001100
C11 = 0101011111111000011001100101  D11 = 1100011110101010101100110011
C12 = 0101111111100001100110010101  D12 = 0001111010101010110011001111
C13 = 0111111110000110011001010101  D13 = 0111101010101011001100111100
C14 = 1111111000011001100101010101  D14 = 1110101010101100110011110001
C15 = 1111100001100110010101010111  D15 = 1010101010110011001111000111
C16 = 1111000011001100101010101111  D16 = 0101010101100110011110001111

We now form the keys Kn, for 1 <= n <= 16, by applying the following permutation table to each of the concatenated pairs CnDn. Each pair has 56 bits, but PC-2 only uses 48 of these.
PC-2
14 17 11 24  1  5
 3 28 15  6 21 10
23 19 12  4 26  8
16  7 27 20 13  2
41 52 31 37 47 55
30 40 51 45 33 48
44 49 39 56 34 53
46 42 50 36 29 32
Therefore, the first bit of Kn is the 14th bit of CnDn, the second bit the 17th, and so on, ending with the 48th bit of Kn being the 32nd bit of CnDn.

Example: For the first key we have

C1D1 = 1110000 1100110 0101010 1011111 1010101 0110011 0011110 0011110

which, after we apply the permutation PC-2, becomes

K1 = 000110 110000 001011 101111 111111 000111 000001 110010

For the other keys we have

K2 = 011110 011010 111011 011001 110110 111100 100111 100101
K3 = 010101 011111 110010 001010 010000 101100 111110 011001
K4 = 011100 101010 110111 010110 110110 110011 010100 011101
K5 = 011111 001110 110000 000111 111010 110101 001110 101000
K6 = 011000 111010 010100 111110 010100 000111 101100 101111
K7 = 111011 001000 010010 110111 111101 100001 100010 111100
K8 = 111101 111000 101000 111010 110000 010011 101111 111011
K9 = 111000 001101 101111 101011 111011 011110 011110 000001
K10 = 101100 011111 001101 000111 101110 100100 011001 001111
K11 = 001000 010101 111111 010011 110111 101101 001110 000110
K12 = 011101 010111 000111 110101 100101 000110 011111 101001
K13 = 100101 111100 010111 010001 111110 101011 101001 000001
K14 = 010111 110100 001110 110111 111100 101110 011100 111010
K15 = 101111 111001 000110 001101 001111 010011 111100 001010
K16 = 110010 110011 110110 001011 000011 100001 011111 110101

So much for the subkeys. Now we look at the message itself.
Example: Applying the initial permutation to the block of text M, given previously, we get

M = 0000 0001 0010 0011 0100 0101 0110 0111 1000 1001 1010 1011 1100 1101 1110 1111
IP = 1100 1100 0000 0000 1100 1100 1111 1111 1111 0000 1010 1010 1111 0000 1010 1010

Here the 58th bit of M is "1", which becomes the first bit of IP. The 50th bit of M is "1", which becomes the second bit of IP. The 7th bit of M is "0", which becomes the last bit of IP.

Next divide the permuted block IP into a left half L0 of 32 bits, and a right half R0 of 32 bits.

Example: From IP, we get L0 and R0

L0 = 1100 1100 0000 0000 1100 1100 1111 1111
R0 = 1111 0000 1010 1010 1111 0000 1010 1010
We now proceed through 16 iterations, for 1 <= n <= 16, using a function f which operates on two blocks, a data block of 32 bits and a key Kn of 48 bits, to produce a block of 32 bits. Let + denote XOR addition (bit-by-bit addition modulo 2). Then for n going from 1 to 16 we calculate

Ln = Rn-1
Rn = Ln-1 + f(Rn-1, Kn)

This results in a final block, for n = 16, of L16R16. That is, in each iteration, we take the right 32 bits of the previous result and make them the left 32 bits of the current step. For the right 32 bits in the current step, we XOR the left 32 bits of the previous step with the calculation f.

Example: For n = 1, we have

K1 = 000110 110000 001011 101111 111111 000111 000001 110010
L1 = R0 = 1111 0000 1010 1010 1111 0000 1010 1010
R1 = L0 + f(R0, K1)

It remains to explain how the function f works. To calculate f, we first expand each block Rn-1 from 32 bits to 48 bits. This is done by using a selection table that repeats some of the bits in Rn-1. We'll call the use of this selection table the function E. Thus E(Rn-1) has a 32-bit input block, and a 48-bit output block. Let E be such that the 48 bits of its output, written as 8 blocks of 6 bits each, are obtained by selecting the bits in its inputs in order according to the following table:
E BIT-SELECTION TABLE
32  1  2  3  4  5
 4  5  6  7  8  9
 8  9 10 11 12 13
12 13 14 15 16 17
16 17 18 19 20 21
20 21 22 23 24 25
24 25 26 27 28 29
28 29 30 31 32  1
Thus the first three bits of E(Rn-1) are the bits in positions 32, 1 and 2 of Rn-1, while the last 2 bits of E(Rn-1) are the bits in positions 32 and 1.

Example: We calculate E(R0) from R0 as follows:

R0 = 1111 0000 1010 1010 1111 0000 1010 1010
E(R0) = 011110 100001 010101 010101 011110 100001 010101 010101

(Note that each block of 4 original bits has been expanded to a block of 6 output bits.)
Next in the f calculation, we XOR the output E(Rn-1) with the key Kn:

Kn + E(Rn-1).

Example: For K1, E(R0), we have

K1 = 000110 110000 001011 101111 111111 000111 000001 110010
E(R0) = 011110 100001 010101 010101 011110 100001 010101 010101
K1 + E(R0) = 011000 010001 011110 111010 100001 100110 010100 100111.

We have not yet finished calculating the function f. To this point we have expanded Rn-1 from 32 bits to 48 bits, using the selection table, and XORed the result with the key Kn. We now have 48 bits, or eight groups of six bits. We now do something strange with each group of six bits: we use them as addresses in tables called "S boxes". Each group of six bits will give us an address in a different S box. Located at that address will be a 4-bit number. This 4-bit number will replace the original 6 bits. The net result is that the eight groups of 6 bits are transformed into eight groups of 4 bits (the 4-bit outputs from the S boxes) for 32 bits total.

Write the previous result, which is 48 bits, in the form:

Kn + E(Rn-1) = B1B2B3B4B5B6B7B8,

where each Bi is a group of six bits. We now calculate

S1(B1)S2(B2)S3(B3)S4(B4)S5(B5)S6(B6)S7(B7)S8(B8)

where Si(Bi) refers to the output of the i-th S box. To repeat, each of the functions S1, S2, ..., S8 takes a 6-bit block as input and yields a 4-bit block as output. The table to determine S1 is shown and explained below:
S1
                            Column Number
Row No.   0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15
   0     14  4 13  1  2 15 11  8  3 10  6 12  5  9  0  7
   1      0 15  7  4 14  2 13  1 10  6 12 11  9  5  3  8
   2      4  1 14  8 13  6  2 11 15 12  9  7  3 10  5  0
   3     15 12  8  2  4  9  1  7  5 11  3 14 10  0  6 13
If S1 is the function defined in this table and B is a block of 6 bits, then S1(B) is determined as follows: The first and last bits of B represent in base 2 a number in the decimal range 0 to 3 (or binary 00 to 11). Let that number be i. The middle 4 bits of B represent in base 2 a number in the decimal range 0 to 15 (binary 0000 to 1111). Let that number be j. Look up in the table the number in the i-th row and j-th column. It is a number in the range 0 to 15 and is uniquely represented by a 4-bit block. That block is the output S1(B) of S1 for the input B. For example, for input block B = 011011 the first bit is "0" and the last bit "1", giving 01 as the row. This is row 1. The middle four bits are "1101". This is the binary equivalent of decimal 13, so the column is column number 13. In row 1, column 13 appears 5. This determines the output; 5 is binary 0101, so that the output is 0101. Hence S1(011011) = 0101.

The tables defining the functions S1, ..., S8 are the following:
S1
14  4 13  1  2 15 11  8  3 10  6 12  5  9  0  7
 0 15  7  4 14  2 13  1 10  6 12 11  9  5  3  8
 4  1 14  8 13  6  2 11 15 12  9  7  3 10  5  0
15 12  8  2  4  9  1  7  5 11  3 14 10  0  6 13

S2
15  1  8 14  6 11  3  4  9  7  2 13 12  0  5 10
 3 13  4  7 15  2  8 14 12  0  1 10  6  9 11  5
 0 14  7 11 10  4 13  1  5  8 12  6  9  3  2 15
13  8 10  1  3 15  4  2 11  6  7 12  0  5 14  9

S3
10  0  9 14  6  3 15  5  1 13 12  7 11  4  2  8
13  7  0  9  3  4  6 10  2  8  5 14 12 11 15  1
13  6  4  9  8 15  3  0 11  1  2 12  5 10 14  7
 1 10 13  0  6  9  8  7  4 15 14  3 11  5  2 12

S4
 7 13 14  3  0  6  9 10  1  2  8  5 11 12  4 15
13  8 11  5  6 15  0  3  4  7  2 12  1 10 14  9
10  6  9  0 12 11  7 13 15  1  3 14  5  2  8  4
 3 15  0  6 10  1 13  8  9  4  5 11 12  7  2 14

S5
 2 12  4  1  7 10 11  6  8  5  3 15 13  0 14  9
14 11  2 12  4  7 13  1  5  0 15 10  3  9  8  6
 4  2  1 11 10 13  7  8 15  9 12  5  6  3  0 14
11  8 12  7  1 14  2 13  6 15  0  9 10  4  5  3

S6
12  1 10 15  9  2  6  8  0 13  3  4 14  7  5 11
10 15  4  2  7 12  9  5  6  1 13 14  0 11  3  8
 9 14 15  5  2  8 12  3  7  0  4 10  1 13 11  6
 4  3  2 12  9  5 15 10 11 14  1  7  6  0  8 13

S7
 4 11  2 14 15  0  8 13  3 12  9  7  5 10  6  1
13  0 11  7  4  9  1 10 14  3  5 12  2 15  8  6
 1  4 11 13 12  3  7 14 10 15  6  8  0  5  9  2
 6 11 13  8  1  4 10  7  9  5  0 15 14  2  3 12

S8
13  2  8  4  6 15 11  1 10  9  3 14  5  0 12  7
 1 15 13  8 10  3  7  4 12  5  6 11  0 14  9  2
 7 11  4  1  9 12 14  2  0  6 10 13 15  3  5  8
 2  1 14  7  4 10  8 13 15 12  9  0  3  5  6 11
Example: For the first round, we obtain as the output of the eight S boxes:

K1 + E(R0) = 011000 010001 011110 111010 100001 100110 010100 100111.
S1(B1)S2(B2)S3(B3)S4(B4)S5(B5)S6(B6)S7(B7)S8(B8) = 0101 1100 1000 0010 1011 0101 1001 0111

The final stage in the calculation of f is to do a permutation P of the S-box output to obtain the final value of f:

f = P(S1(B1)S2(B2)...S8(B8))

The permutation P is defined in the following table. P yields a 32-bit output from a 32-bit input by permuting the bits of the input block.
P
16  7 20 21
29 12 28 17
 1 15 23 26
 5 18 31 10
 2  8 24 14
32 27  3  9
19 13 30  6
22 11  4 25
Example: From the output of the eight S boxes:

S1(B1)S2(B2)S3(B3)S4(B4)S5(B5)S6(B6)S7(B7)S8(B8) = 0101 1100 1000 0010 1011 0101 1001 0111

we get

f = 0010 0011 0100 1010 1010 1001 1011 1011
R1 = L0 + f(R0, K1)
   = 1100 1100 0000 0000 1100 1100 1111 1111 + 0010 0011 0100 1010 1010 1001 1011 1011
   = 1110 1111 0100 1010 0110 0101 0100 0100

In the next round, we will have L2 = R1, which is the block we just calculated, and then we must calculate R2 = L1 + f(R1, K2), and so on for 16 rounds. At the end of the sixteenth round we have the blocks L16 and R16. We then reverse the order of the two blocks into the 64-bit block

R16L16
That is, the output of the algorithm has bit 40 of the preoutput block as its first bit, bit 8 as its second bit, and so on, until bit 25 of the preoutput block is the last bit of the output. Example: If we process all 16 blocks using the method defined previously, we get, on the 16th round,

L16 = 0100 0011 0100 0010 0011 0010 0011 0100
R16 = 0000 1010 0100 1100 1101 1001 1001 0101

We reverse the order of these two blocks and apply the final permutation to

R16L16 = 00001010 01001100 11011001 10010101 01000011 01000010 00110010 00110100
IP^-1 = 10000101 11101000 00010011 01010100 00001111 00001010 10110100 00000101

which in hexadecimal format is 85E813540F0AB405. This is the encrypted form of M = 0123456789ABCDEF: namely, C = 85E813540F0AB405.
Decryption is simply the inverse of encryption, following the same steps as above, but reversing the order in which the subkeys are applied.
Cracking DES
Before DES was adopted as a national standard, during the period NBS was soliciting comments on the proposed algorithm, the creators of public key cryptography, Martin Hellman and Whitfield Diffie, registered some objections to the use of DES as an encryption algorithm. Hellman wrote: "Whit Diffie and I have become concerned that the proposed data encryption standard, while probably secure against commercial assault, may be extremely vulnerable to attack by an intelligence organization" (letter to NBS, October 22, 1975). Diffie and Hellman then outlined a "brute force" attack on DES. (By "brute force" is meant that you try as many of the 2^56 possible keys as you have to before decrypting the ciphertext into a sensible plaintext message.) They proposed a special purpose "parallel computer using one million chips to try one million keys each" per second, and estimated the cost of such a machine at $20 million. Fast forward to 1998. Under the direction of John Gilmore of the EFF, a team spent $220,000 and built a machine that can go through the entire 56-bit DES key space in an average of 4.5 days. On July 17, 1998, they announced they had cracked a 56-bit key in 56 hours. The computer, called Deep Crack, uses 27 boards each containing 64 chips, and is capable of testing 90 billion keys a second. Despite this, as recently as June 8, 1998, Robert Litt, principal associate deputy attorney general at the Department of Justice, denied it was possible for the FBI to crack DES: "Let me put the technical problem in context: It took 14,000 Pentium computers working for four months to decrypt a single message . . . . We are not just talking FBI and NSA [needing massive computing power], we are talking about every police department." Responded cryptography expert Bruce Schneier: ". . . the FBI is either incompetent or lying, or both." Schneier went on to say: "The only solution here is to pick an algorithm with a longer key; there isn't enough silicon in the galaxy or enough time before the sun burns out to brute-force triple-DES" (Crypto-Gram, Counterpane Systems, August 15, 1998).
Triple-DES
Triple-DES is just DES with two 56-bit keys applied. Given a plaintext message, the first key is used to DES-encrypt the message. The second key is used to DES-decrypt the encrypted message. (Since the second key is not the right key, this decryption just scrambles the data further.) The twice-scrambled message is then encrypted again with the first key to yield the final ciphertext. This three-step procedure is called triple-DES. Triple-DES is just DES done three times with two keys used in a particular order. (Triple-DES can also be done with three separate keys instead of only two. In either case the resultant key space is about 2^112.)
RSA Overview:
Browser started with... Well, that's about it. While we did not discuss the theory behind the formulae involved, I hope that you got at least a basic idea of how public key cryptography using the RSA algorithm works.
4. DESIGN
4.1 An Overview of UML
The UML is a language for:
Visualizing
Specifying
Constructing
Documenting
These are the artifacts of a software-intensive system. The three major elements of UML are:
The UML's basic building blocks.
The rules that dictate how those building blocks may be put together.
Some common mechanisms that apply throughout the UML.
They are the abstractions that are first-class citizens in a model. There are four kinds of things in the UML:
Structural things.
Behavioral things.
Grouping things.
Annotational things.
These things are the basic object oriented building blocks of the UML. They are used to write well-formed models.
Collaboration: Collaboration defines an interaction and is a society of roles and other elements that work together to provide some cooperative behavior that's bigger than the sum of all the elements. Graphically, collaboration is rendered as an ellipse with dashed lines, usually including only its name, as shown below.
Chain of Responsi$ility
Use Case: A use case is a description of a set of sequences of actions that a system performs that yields an observable result of value to a particular thing in a model. Graphically, a Use Case is rendered as an ellipse with dashed lines, usually including only its name, as shown below.
Active Class: An active class is a class whose objects own one or more processes or threads and therefore can initiate control activity. Graphically, an active class is rendered just like a class, but with heavy lines, usually including its name, attributes and operations, as shown below.
2. Association: It is a relationship between instances of the two classes. There is an association between two classes if an instance of one class must know about the other in order to perform its work. In a diagram, an association is a link connecting two classes. Graphically it is represented by a line, as shown.
3. Generalization: An inheritance is a link indicating one class is a super class of the other. A generalization has a triangle pointing to the super class. Graphically it is represented by a line with a triangle at the end, as shown.
4. Realization:
A use case diagram identifies the functionality provided by the system (Use cases), identifies users who interact with the system (Actor) and provides association between users and Use cases. These model the behavior of the system with respect to users. It shows the dynamic aspects of the system when a user interacts with the system. A Use case diagram can show all possible interactions of users with use cases graphically. Thus a Use case diagram models the use case view of a system.
Definition: A Use case diagram is a set of use cases, actors and relationships between them. A use case diagram contains:
Use cases.
Actors.
Association between them.
Generalization between Actors.
Include, extend, generalization relationships.
Use Case:
Deployment:
State:
Class Diagram:
Registration
  name : String
  password : String
  Photograph : Byte
  ConnectDB()
  AddUsers()

Login
  username : String
  Password : String
  Image : Byte
  Authenticate()
  GenerateKeys()
Data Flow:
Student -> Registration -> Login -> Access Exam -> Exam DB
... platform for building different kinds of software applications. It is called a "platform" because it acts as a platform for multiple languages, tools and libraries. It offers visually stunning user experiences, which are mostly required in today's competitive programming world. It offers much more advanced security features than ever before. It supports dozens of languages like C#, VB.NET, VC++.NET, COBOL, Pascal, Python etc.
.NET offers a framework for building applications and high-fidelity experiences in Windows that blend together application UI, documents, and media content, while exploiting the full power of the computer. WPF (Windows Presentation Foundation) offers developers support for 2D and 3D graphics, hardware accelerated effects, scalability to different form factors, interactive data visualization, and superior content readability.
The assembly (the compiled code of the .NET framework) contains security information such as which categories of users, or who, can access a class or method. So we can say that .NET Framework applications are well secured. Security can be improved further in ASP.NET Web Sites by security models like Integrated Windows Authentication, Microsoft Passport Authentication, Forms Authentication, and Client Certificate authentication.
Fortran, Haskell, J#, Mercury, Mondrian, Oberon, Python, IronPython, RPG, Scheme, Small Talk, Standard ML
Modules of .NET
1. C#.NET (C Sharp.NET) Language
It is a highly used .NET programming language, used by most of the .NET programmers. It borrows some programming features from "C" and some other programming features from "C++". In addition to these, it borrows a few of the good features of the Java language. It is an object oriented programming language.
1. Console Applications
These applications contain a user interface similar to operating systems like MS-DOS and UNIX. Known as C.U.I (Character User Interface) applications. These are similar to C/C++ applications. These are smaller in size. They don't contain any graphical features like mouse pointer, colors, fonts, buttons etc.
2. Windows Applications
These applications are designed similar to the "Windows" operating system. Known as G.U.I (Graphical User Interface) applications. They offer graphical features like mouse pointer, colors, fonts, buttons, text boxes etc.
3. Windows Services
A Windows service is a long-running executable application. These can run only on Windows platforms. They perform specific functions as a background process. They don't contain a user interface and don't require any user interaction. ... when the operating system is booted and run in the background as long as Windows is running, or they can be started manually when required.
Examples: i. Windows Time. ii. Windows Audio. iii. Anti-Virus Security. iv. Database services like Sql Server, My Sql, Oracle etc. v. IIS State Services. vi. Battery Power Supply Status on Laptops. etc. To see all the installed Windows services on the system, click on "Start" > "Control Panel" > "Administrative Tools" > "Services".
4. Web Services
Web Services are simple and easy to understand. These can again be developed using ASP.NET. These are also known as "web applications", similar to "web sites". But Web sites expose a certain user interface (in the form of web pages) to the end-user; Web services expose certain programming logic which can be accessed through another web site. Examples: i. Online shopping requires credit card authentication.
ii.
Before .NET
Branches of Microsoft Programming:
In the late 1990s, Windows programming using the Microsoft platform had divided into a number of branches. Most programmers were using Visual Basic (VB). Some other programmers were using Visual C++ (VC++) with MFC (Microsoft Foundational Classes), or with raw Win32.
Introduction
This white paper covers some of the operational and administrative tasks associated with Microsoft® SQL Server™ 2005 security and enumerates best practices and operational and administrative tasks that will result in a more secure SQL Server system. Each topic describes a feature and best practices. For additional information on the specifics of utilities, features, and DDL statements referenced in this white paper, see SQL Server 2005 Books Online. Features and options that are new or defaults that are changed for SQL Server 2005 are identified. Coding examples for operational tasks use Transact-SQL, so understanding Transact-SQL is required for you to get the most out of this paper.
It is a good practice to review which product features you actually need and install only those features. Later, install additional features only as needed. SQL Server 2005 includes sample databases for OLTP, data warehousing, and Analysis Services. Install sample databases on test servers only; they are not installed by default when you install the corresponding engine feature. SQL Server 2005 includes sample code covering every feature of the product. These samples are not installed by default and should be installed only on a development server, not on a production server. Each item of sample code has undergone a review to ensure that the code follows best practices for security. Each sample uses Microsoft Windows® security principals and illustrates the principle of least privilege. SQL Server has always been a feature-rich database and the number of new features in SQL Server 2005 can be overwhelming. One way to make a system more secure is to limit the number of optional features that are installed and enabled by default. It is easier to enable features when they are needed than it is to enable everything by default and then turn off features that you do not need. This is the installation policy of SQL Server 2005, known as "off by default, enable when needed." One way to ensure that security policies are followed is to make secure settings the default and make them easy to use. SQL Server 2005 provides a "one-stop" utility that can be used to enable optional features on a per-service and per-instance basis as needed. Although there are other utilities (such as Services in Control Panel), server configuration commands (such as sp_configure), and APIs such as WMI (Windows Management Instrumentation) that you can use, the SQL Server Surface Area Configuration tool combines this functionality into a single utility program. This program can be used either from the command line or via a graphic user interface. SQL Server Surface Area Configuration divides configuration into two subsets: services and connections, and features. Use the Surface Area Configuration for Services and Connections tool to view the installed components of SQL Server and the client network interfaces for each engine component. The startup type for each service (Automatic, Manual, or Disabled) and the client network interfaces that are available can be configured on a per-instance basis. Use the Surface Area Configuration for Features tool to view and configure instance-level features. The features enabled for configuration are:
- CLR Integration
- Remote use of a dedicated administrator connection
- OLE Automation system procedures
- System procedures for Database Mail and SQL Mail
- Ad hoc remote queries (the OPENROWSET and OPENDATASOURCE functions)
- SQL Server Web Assistant
- xp_cmdshell availability
- HTTP endpoints
- Service Broker endpoint
The SQL Server Surface Area Configuration command-line interface, sac.exe, permits you to import and export settings. This enables you to standardize the configuration of a group of SQL Server 2005 instances. You can import and export settings on a per-instance basis and also on a per-service basis by using command-line parameters. For a list of command-line parameters, use the -? command-line option. You must have sysadmin privilege to use this utility. The following code is an example of exporting all settings from the default instance of SQL Server on server1 and importing them into server2:

sac out server1.out -S server1 -U admin -I MSSQLSERVER
sac in server1.out -S server2
When you upgrade an instance of SQL Server to SQL Server 2005 by performing an in-place upgrade, the configuration options of the instance are unchanged. Use SQL Server Surface Area Configuration to review feature usage and turn off features that are not needed. You can turn off the features in SQL Server Surface Area Configuration or by using the system stored procedure, sp_configure. Here is an example of using sp_configure to disallow the execution of xp_cmdshell on a SQL Server instance:

-- Allow advanced options to be changed.
EXEC sp_configure 'show advanced options', 1
GO
-- Update the currently configured value for advanced options.
RECONFIGURE
GO
-- Disable the feature.
EXEC sp_configure 'xp_cmdshell', 0
GO
-- Update the currently configured value for this feature.
RECONFIGURE
GO
In SQL Server 2005, SQL Server Browser functionality has been factored into its own service and is no longer part of the core database engine. Additional functions are also factored into separate services. Services that are not a part of the core database engine and can be enabled or disabled separately include:
- SQL Server Active Directory Helper
- SQL Server Agent
- SQL Server FullText Search
- SQL Server Browser
- SQL Server VSS Writer
The SQL Server Browser service needs to be running only to connect to named SQL Server instances that use TCP/IP dynamic port assignments. It is not necessary to connect to default instances of SQL Server 2005 and named instances that use static TCP/IP ports. For a more secure configuration, always use static TCP/IP port assignments and disable the SQL Server Browser service. The VSS Writer allows backup and restore using the Volume Shadow Copy framework. This service is disabled by default. If you do not use Volume Shadow Copy, disable this service. If you are running SQL Server outside of an Active Directory® directory service, disable the Active Directory Helper.

Best practices for surface area reduction
- Install only those components that you will immediately use. Additional components can always be installed as needed.
- Enable only the optional features that you will immediately use.
- Review optional feature usage before doing an in-place upgrade and disable unneeded features either before or after the upgrade.
- Develop a policy with respect to permitted network connectivity choices. Use SQL Server Surface Area Configuration to standardize this policy.
- Develop a policy for the usage of optional features. Use SQL Server Surface Area Configuration to standardize optional feature enabling. Document any exceptions to the policy on a per-instance basis.
- Turn off unneeded services by setting the service to either Manual startup or Disabled.
When choosing service accounts, consider the principle of least privilege. The service account should have exactly the privileges that it needs to do its job and no more privileges. You also need to consider account isolation; the service accounts should not only be different from one another, they should not be used by any other service on the same server. Only the first two account types in the list above have both of these properties. Making the SQL Server service account an administrator, at either a server level or a domain level, bestows too many unneeded privileges and should never be done. The Local System account is not only an account with too many privileges, but it is a shared account and might be used by other services on the same server. Any other service that uses this account has the same set of privileges as the SQL Server service that uses the account. Although Network Service has network access and is not a Windows superuser account, it is a shareable account. This account is useable as a SQL Server service account only if you can ensure that no other services that use this account are installed on the server. Using a local user or domain user that is not a Windows administrator is the best choice. If the server that is running SQL Server is part of a domain and must access domain resources such as file shares or uses linked server connections to other computers running SQL Server, a domain account is the best choice. If the server is not part of a domain (for example, a server running in the perimeter network (also known as the DMZ) in a Web application) or does not need to access domain resources, a local user that is not a Windows administrator is preferred. Creating the user account that will be used as a SQL Server service account is easier in SQL Server 2005 than in previous versions. When SQL Server 2005 is installed, a Windows group is created for each SQL Server service, and the service account is placed in the appropriate group. To create a user that will serve as a SQL Server service account, simply create an "ordinary" account that is either a member of the Users group (non-domain user) or Domain Users group (domain user). During installation, the user is automatically placed in the SQL Server service group and the group is granted exactly the privileges that are needed. If the service account needs additional privileges, the privilege should be granted to the appropriate Windows group, rather than granted directly to the service user account. This is consistent with the way access control lists are best managed in Windows in general. For example, the ability to use the SQL Server Instant File Initialization feature requires that the Perform Volume Maintenance Tasks user right be set in the Group Policy Administration tool. This privilege should be granted to the SQLServer2005MSSQLUser$MachineName$MSSQLSERVER group for the default instance of SQL Server on server "MachineName." SQL Server service accounts should be changed only by using SQL Server Configuration Manager, or by using the equivalent functionality in the WMI APIs. Using Configuration Manager ensures that the new service account is placed in the appropriate Windows group, and is thus granted exactly the correct privileges to run the service. In addition, using SQL Server Configuration Manager also re-encrypts the service master key using the new account. For more information on the service master key, see Encryption later in this paper. Because SQL Server service accounts also abide by Windows password expiration policies, it is necessary to change the service account passwords at regular intervals. In SQL Server 2005, it is easier to abide by password expiration policies because changing the password of the service account does not require restarting SQL Server.
SQL Server 2005 requires that the service account have less privilege than in previous versions. Specifically, the privilege Act As Part of the Operating System (SE_TCB_NAME) is not required for the service account unless SQL Server 2005 is running on the Microsoft Windows Server™ 2000 SP4 operating system. After doing an upgrade in place, use the Group Policy Administration tool to remove this privilege. The SQL Server Agent service account requires sysadmin privilege in the SQL Server instance that it is associated with. In SQL Server 2005, SQL Server Agent job steps can be configured to use proxies that encapsulate alternate credentials. A CREDENTIAL is simply a database object that is a symbolic name for a Windows user and password. A single CREDENTIAL can be used with multiple SQL Server Agent proxies. To accommodate the principle of least privilege, do not give excessive privileges to the SQL Server Agent service account. Instead, use a proxy that corresponds to a CREDENTIAL that has just enough privilege to perform the required task. A CREDENTIAL can also be used to reduce the privilege for a specific task if the SQL Server Agent service account has been configured with more privileges than needed for the task. Proxies can be used for:
- ActiveX scripting
- Operating system (CmdExec)
- Replication agents
- Analysis Services commands and queries
- SSIS package execution (including maintenance plans)

Best practices for service accounts
- Use a specific user account or domain account rather than a shared account for SQL Server services.
- Use a separate account for each service.
- Do not give any special privileges to the SQL Server service account; they will be assigned by group membership.
- Manage privileges through the SQL Server supplied group account rather than through individual service user accounts.
- Always use SQL Server Configuration Manager to change service accounts.
- Change the service account password at regular intervals.
- Use CREDENTIALs to execute job steps that require specific privileges rather than adjusting the privilege of the SQL Server Agent service account. If an agent user needs to execute a job that requires different Windows credentials, assign them a proxy account that has just enough permissions to get the task done.
Authentication Mode
SQL Server has two authentication modes: Windows Authentication and Mixed Mode Authentication. In Windows Authentication mode, specific Windows user and group accounts are trusted to log in to SQL Server. Windows credentials are used in the process; that is, either NTLM or Kerberos credentials. Windows accounts use a series of encrypted messages to authenticate to SQL Server; no passwords are passed across the network during the authentication process. In Mixed Mode Authentication, both Windows accounts and SQL Server-specific accounts (known as SQL logins) are permitted. When SQL logins are used, SQL login passwords are passed across the network for authentication. This makes SQL logins less secure than Windows logins. It is a best practice to use only Windows logins whenever possible. Using Windows logins with SQL Server achieves single sign-on and simplifies login administration. Password management uses the ordinary Windows password policies and password change APIs. Users, groups, and passwords are managed by system administrators; SQL Server database administrators are only concerned with which users and groups are allowed access to SQL Server and with authorization management. SQL logins should be confined to legacy applications, mostly in cases where the application is purchased from a third-party vendor and the authentication cannot be changed. Another use for SQL logins is with cross-platform client-server applications in which the non-Windows clients do not possess Windows logins. Although using SQL logins is discouraged, there are security improvements for SQL logins in SQL Server 2005. These improvements include the ability to have SQL logins use the password policy of the underlying operating system and better encryption when SQL passwords are passed over the network. We'll discuss each of these later in the paper. SQL Server 2005 uses standard DDL statements to create both Windows logins and SQL logins. Using the CREATE LOGIN statement is preferred; the sp_addlogin and sp_grantlogin system stored procedures are supported for backward compatibility only. SQL Server 2005 also provides the ability to disable a login or change a login name by using the ALTER LOGIN DDL statement. For example, if you install SQL Server 2005 in Windows Authentication mode rather than Mixed Mode, the sa login is disabled. Use ALTER LOGIN rather than the procedures sp_denylogin or sp_revokelogin, which are supported for backward compatibility only. If you install SQL Server in Windows Authentication mode, the sa login account is disabled and a random password is generated for it. If you later need to change to Mixed Mode Authentication and re-enable the sa login account, you will not know the password. Change the sa password to a known value after installation if you think you might ever need to use it.

Best practices for authentication mode
- Always use Windows Authentication mode if possible.
- Use Mixed Mode Authentication only for legacy applications and non-Windows users.
- Use the standard login DDL statements instead of the compatibility system procedures.
- Change the sa account password to a known value if you might ever need to use it.
- Always use a strong password for the sa account and change the sa account password periodically.
- Do not manage SQL Server by using the sa login account; assign sysadmin privilege to a known user or group.
- Rename the sa account to a different account name to prevent attacks on the sa account by name.
In addition# endpoints may "e defined to permit access to t e SH3 Ser!er instance forE Ser!ice )roker (..$ Me" Ser!ices Data"ase mirroring
Following is an example of creating an endpoint for Service Broker.

CREATE ENDPOINT BrokerEndpoint_SQLDEV_1
AS TCP (LISTENER_PORT = 4022)
FOR SERVICE_BROKER (AUTHENTICATION = WINDOWS)

SQL Server 2005 discontinues support for some network protocols that were available with earlier versions of SQL Server, including IPX/SPX, Appletalk, and Banyan Vines. In keeping with the general policy of "off by default, enable only when needed," no Service Broker, HTTP, or database mirroring endpoints are created when SQL Server 2005 is installed, and the VIA endpoint is disabled by default. In addition, in SQL Server 2005 Express Edition, SQL Server 2005 Developer Edition, and SQL Server 2005 Evaluation Edition, the Named Pipes and TCP/IP protocols are disabled by default. Only Shared Memory is available by default in those editions. The dedicated administrator connection (DAC), new with SQL Server 2005, is available only locally by default, although it can be made available remotely. Note that the DAC is not available in SQL Server Express Edition by default and requires that the server be run with a special trace flag to enable it. Access to database endpoints requires the login principal to have CONNECT permission. By default, no login account has CONNECT permission to Service Broker or HTTP Web Services endpoints. This restricts access paths and blocks some known attack vectors. It is a best practice to enable only those protocols that are needed. For example, if TCP/IP is sufficient, there is no need to enable the Named Pipes protocol. Although endpoint administration can be accomplished via DDL, the administration process is made easier and policy can be made more uniform by using the SQL Server Surface Area Configuration tool and SQL Server Configuration Manager.
SQL Server Surface Area Configuration provides a simplified user interface for enabling or disabling client protocols for a SQL Server instance, as shown in Figure 1 and Figure 2. Configuration is described in Knowledge Base article KB914277, How to configure SQL Server 2005 to allow remote connections, as well as in SQL Server 2005 Books Online. A screenshot showing the remote connections configuration dialog box is shown in Figure 1.
Figure 1
In the Surface Area Configuration for Services and Connections dialog box, you can see if any HTTP or Service Broker endpoints are defined for the instance. New endpoints must be defined by using DDL statements; SQL Server Surface Area Configuration cannot be used to define these. You can use the Surface Area Configuration for Features tool to enable remote access to the dedicated administrator connection. SQL Server Configuration Manager provides more granular configuration of server protocols. With Configuration Manager, you can:
- Choose a certificate for SSL encryption.
- Allow only encrypted connections from clients.
- Hide an instance of SQL Server from the server enumeration APIs.
- Enable and disable TCP/IP, Shared Memory, Named Pipes, and VIA protocols.
- Configure the name of the pipe each instance of SQL Server will use.
- Configure a TCP/IP port number that each instance listens on for TCP/IP connections.
- Choose whether to use TCP/IP dynamic port assignment for named instances.
The dialog for configuring TCP/IP address properties such as port numbers and dynamic port assignment is shown in Figure 2.
Figure 2 TCP/IP Addresses configuration page in SQL Server Configuration Manager

SQL Server 2005 can use an encrypted channel for two reasons: to encrypt credentials for SQL logins, and to provide end-to-end encryption of entire sessions. Using encrypted sessions requires using a client API that supports these. The OLE DB, ODBC, and ADO.NET clients all support encrypted sessions; currently the Microsoft JDBC client does not. The other reason for using SSL is to encrypt credentials during the login process for SQL logins when a password is passed across the network. If an SSL certificate is installed in a SQL Server instance, that certificate is used for credential encryption. If an SSL certificate is not installed, SQL Server 2005 can generate a self-signed certificate and use this certificate instead. Using the self-signed certificate prevents passive man-in-the-middle attacks, in which the man-in-the-middle intercepts network traffic, but does not provide mutual authentication. Using an SSL certificate with a trusted root certificate authority prevents active man-in-the-middle attacks and provides mutual authentication. In SQL Server 2005, you can GRANT, REVOKE, or DENY permission to CONNECT to a specific endpoint on a per-login basis. By default, all logins are GRANTed permission on the Shared Memory, Named Pipes, TCP/IP, and VIA endpoints. You must specifically GRANT users CONNECT permission to other endpoints; no users are GRANTed this privilege by default. An example of granting this permission is:

    GRANT CONNECT ON ENDPOINT::MyHTTPEndpoint TO [MyDomain\Accounting]
Best practices for network connectivity
- Limit the network protocols supported.
- Do not enable network protocols unless they are needed.
- Do not expose a server that is running SQL Server to the public Internet.
- Configure named instances of SQL Server to use specific port assignments for TCP/IP rather than dynamic ports.
- If you must support SQL logins, install an SSL certificate from a trusted certificate authority rather than using SQL Server 2005 self-signed certificates.
- Use "allow only encrypted connections" only if needed for end-to-end encryption of sensitive sessions.
- Grant CONNECT permission only on endpoints to logins that need to use them.
- Explicitly deny CONNECT permission to endpoints that are not needed by users or groups.
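Added example (not code from this project or from the quoted whitepaper): a Service Broker endpoint on a fixed port, CONNECT granted only to the group that needs it and denied to one that must not use it, followed by the catalog query a DBA would run to verify the endpoint permission state. The endpoint name, port and the MyDomain groups are placeholders.

```sql
USE master;
GO
-- Placeholder endpoint on a fixed port (no dynamic port assignment).
CREATE ENDPOINT BrokerEndpoint_SQLDEV01
    STATE = STARTED
    AS TCP ( LISTENER_PORT = 4022 )
    FOR SERVICE_BROKER ( AUTHENTICATION = WINDOWS );
GO
-- No login holds CONNECT on a new Service Broker endpoint. Grant it to the one
-- group that needs it and deny it to a group that must never reach it; DENY wins
-- over any GRANT that group's members inherit through other memberships.
CREATE LOGIN [MyDomain\BrokerApps]  FROM WINDOWS;   -- placeholder group
CREATE LOGIN [MyDomain\Contractors] FROM WINDOWS;   -- placeholder group
GRANT CONNECT ON ENDPOINT::BrokerEndpoint_SQLDEV01 TO [MyDomain\BrokerApps];
DENY  CONNECT ON ENDPOINT::BrokerEndpoint_SQLDEV01 TO [MyDomain\Contractors];
GO
-- Check: every endpoint on the instance, its state, and who holds CONNECT on it.
-- Expect a GRANT row for BrokerApps and a DENY row for Contractors; the default
-- TSQL endpoints show CONNECT granted to public, and an endpoint with a NULL
-- principal has been granted to nobody.
SELECT e.name         AS endpoint_name,
       e.protocol_desc,
       e.type_desc,
       e.state_desc,
       p.name         AS principal_name,
       sp.state_desc  AS permission_state
FROM sys.endpoints AS e
LEFT JOIN sys.server_permissions AS sp
       ON sp.class = 105                    -- 105 = ENDPOINT
      AND sp.major_id = e.endpoint_id
      AND sp.permission_name = 'CONNECT'
LEFT JOIN sys.server_principals AS p
       ON p.principal_id = sp.grantee_principal_id
ORDER BY e.name, p.name;
```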
Ena"le t ese procedures only if necessary% Some system stored procedures# suc as procedures t at use SH3DM- and SH3SMli"raries# cannot "e configured "y using SH3 Ser!er Surface Area Configuration% . ey must "e configured "y using sp% onfi#ure or SSMS directly% SSMS or sp% onfi#ure can also "e used to set most of t e configuration feature settings t at are set "y using SH3 Ser!er Surface Area Configuration% . e system stored procedures s ould not "e dropped from t e data"aseB dropping t ese can cause pro"lems ' en applying ser!ice packs% Remo!ing t e system stored procedures results in an unsupported configuration% It is usually unnecessary to completely DELN all users access to t e system stored procedures# as t ese stored procedures a!e t e appropriate permission c ecks internal to t e procedure as 'ell as external% 'est pra ti es for system stored pro edures Disa"le xp% mdshell unless it is a"solutely needed% Disa"le C-M components once all C-M components a!e "een con!erted to SH3C3R% Disa"le "ot mail procedures 6Data"ase Mail and SH3 Mail7 unless you need to send mail from SH3 Ser!er% $refer Data"ase Mail as soon as you can con!ert to it% ,se SH3 Ser!er Surface Area Configuration to enforce a standard policy for extended procedure usage% Document eac exception to t e standard policy% Do not remo!e t e system stored procedures "y dropping t em% Do not DELN all users5administrators access to t e extended procedures%
In SQL Server 2005, SQL logins can also go by the login policies of the underlying operating system if the operating system supports it. The operating system must support the system call NetValidatePasswordPolicy. Currently, the only operating system that supports this is Windows Server 2003 and later versions. If you use SQL logins, run SQL Server 2005 on a Windows Server 2003 or later operating system. CREATE LOGIN parameters determine whether the login goes by the operating system policies. These parameters are:
- CHECK_POLICY
- CHECK_EXPIRATION
- MUST_CHANGE
CHECK_POLICY specifies that the SQL login must abide by the Windows login policies and Account Lockout policies, with the exception of password expiration. This is because, if SQL logins must go by the Windows password expiration policy, underlying applications must be outfitted with a mechanism for password changing. Most applications currently do not provide a way to change SQL login passwords. In SQL Server 2005, both SSMS and SQLCMD provide a way to change SQL Server passwords for SQL logins. Consider outfitting your applications with a password-changing mechanism as soon as possible. Having built-in password changing also allows logins to be created with the MUST_CHANGE parameter; using this parameter requires the user to change the password at the time of the first login. Administrators should be aware of the fact that password length and complexity policies, but not expiration policies, apply to passwords used with encryption keys as well as to passwords used with SQL logins. For a description of encryption keys, see Encryption. When SQL logins are used on pre-Windows 2003 operating systems, there is a series of hard-coded password policies in lieu of the domain or operating system policies if CHECK_POLICY = ON. These policies are enumerated in SQL Server Books Online.

Best practices for password policy
- Mandate a strong password policy, including an expiration and a complexity policy for your organization.
- If you must use SQL logins, ensure that SQL Server 2005 runs on the Windows Server 2003 operating system and use password policies.
- Outfit your applications with a mechanism to change SQL login passwords.
- Set MUST_CHANGE for new logins.
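Added example (not code from this project or from the quoted whitepaper) covering the login DDL recommended above and in the authentication-mode section: a SQL login created under the operating system password policy with MUST_CHANGE, a Windows group given sysadmin instead of sa, and sa itself locked down and renamed, with a check query at the end. The login names and passwords are placeholders; CHECK_EXPIRATION is ON only because MUST_CHANGE requires it, which assumes the application can change passwords.

```sql
USE master;
GO
-- SQL login bound to the Windows Server 2003 policy (length, complexity,
-- lockout) and to expiration; the password must be replaced at first use.
-- MUST_CHANGE is only accepted together with CHECK_POLICY and CHECK_EXPIRATION.
CREATE LOGIN app_user
    WITH PASSWORD = 'Placeh0lder!ChangeMe' MUST_CHANGE,   -- placeholder
         CHECK_POLICY = ON,
         CHECK_EXPIRATION = ON;
GO
-- Administer the instance through a known Windows group, not through sa.
CREATE LOGIN [MyDomain\dba_team] FROM WINDOWS;           -- placeholder group
EXEC sp_addsrvrolemember @loginame = 'MyDomain\dba_team', @rolename = 'sysadmin';
GO
-- Lock down sa: a known strong password (so it can be re-enabled later if
-- Mixed Mode is ever needed), disabled, and renamed so that attacks that
-- rely on the well-known name fail.
ALTER LOGIN sa WITH PASSWORD = 'Placeh0lder!StrongSaPassword';   -- placeholder
ALTER LOGIN sa DISABLE;
ALTER LOGIN sa WITH NAME = instance_admin_renamed;               -- placeholder name
GO
-- Check: SQL logins that escape the policy, plus the state of the sa login.
-- sid 0x01 identifies sa whatever it has been renamed to.
SELECT name, is_policy_checked, is_expiration_checked, is_disabled
FROM sys.sql_logins
WHERE is_policy_checked = 0
   OR is_expiration_checked = 0
   OR sid = 0x01;
```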
Administrator Privileges
SQL Server 2005 makes all permissions grantable and also makes grantable permissions more granular than in previous versions. Principals with elevated permissions now include:
- Members of the sysadmin server role.
- The sa built-in login, if it is enabled.
- Any login with CONTROL SERVER permission.
CONTROL SERVER permission is new in SQL Server 2005. Change your auditing procedures to include any login with CONTROL SERVER permission. SQL Server automatically grants the server's Administrators group (BUILTIN\administrators) the sysadmin server role. When running SQL Server 2005 under Microsoft Windows Vista, the operating system does not recognize membership in the BUILTIN\Administrators group unless the user has elevated themselves to a full administrator. In SP2, you can use SQL Server Surface Area Configuration to enable a principal to act as administrator by selecting Add New Administrator from the main window as shown in Figure 3.
Figure 3 Adding a new administrator in SP2 SQL Server Surface Area Configuration

Clicking on this link opens the SQL Server 2005 User Provisioning Tool for Vista as shown in Figure 4. This tool can also be automatically invoked as the last step of an SQL Server 2005 SP2 installation.
Figure 4
When running SQL Server Express SP2 under the Vista operating system, Setup incorporates the specification of a specific principal to act as administrator. SQL Server Express SP2 Setup also allows command-line options to turn user instances on or off (ENABLERANU) and to add the current Setup user to the SQL Server Administrator role (ADDUSERASADMIN). For more detailed information, see Configuration Options (SQL Server Express) in SQL Server 2005 SP2 Books Online. For additional security-related considerations when running SQL Server 2005 with the Windows Vista operating system, see the SQL Server 2005 SP2 Readme file. In particular, see section 5.5.2 "Issues Caused by User Account Control in Windows Vista." For accountability in the database, avoid relying on the Administrators group and add only specific database administrators to the sysadmin role. Another option is to have a specific DatabaseAdministrators role at the operating system level. Minimizing the number of administrators who have sysadmin or CONTROL SERVER privilege also makes it easier to resolve problems; fewer logins with administrator privilege means fewer people to check with if things go wrong. The permission VIEW SERVER STATE is useful for allowing administrators and troubleshooters to view server information (dynamic management views) without granting full sysadmin or CONTROL SERVER permission.

Best practices for administrator privileges
- Use administrator privileges only when needed.
- Minimize the number of administrators.
- Provision admin principals explicitly.
- Have multiple distinct administrators if more than one is needed.
- Avoid dependency on the builtin\administrators Windows group.
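Added example (not code from this project or from the quoted whitepaper): the audit query the text asks for, listing every server principal that is elevated for any of the three reasons given above, so that an unexpected sysadmin member, a CONTROL SERVER grantee, or an enabled sa shows up in a review. It reads only the catalog views and needs no assumptions beyond SQL Server 2005.

```sql
USE master;
GO
-- Every principal with elevated privilege, tagged with the reason.
-- BUILTIN\Administrators appears here on a default installation, which is
-- exactly the dependency the best practices above say to remove.
SELECT p.name            AS principal_name,
       p.type_desc,
       p.is_disabled,
       'sysadmin member' AS reason
FROM sys.server_role_members AS rm
JOIN sys.server_principals   AS r ON r.principal_id = rm.role_principal_id
JOIN sys.server_principals   AS p ON p.principal_id = rm.member_principal_id
WHERE r.name = 'sysadmin'

UNION ALL

-- Logins holding CONTROL SERVER directly (G = GRANT, W = GRANT WITH GRANT OPTION).
SELECT p.name, p.type_desc, p.is_disabled, 'CONTROL SERVER grantee'
FROM sys.server_permissions AS sp
JOIN sys.server_principals  AS p ON p.principal_id = sp.grantee_principal_id
WHERE sp.permission_name = 'CONTROL SERVER'
  AND sp.state IN ('G', 'W')

UNION ALL

-- The sa login, if it is still enabled (sid 0x01 survives a rename).
SELECT p.name, p.type_desc, p.is_disabled, 'sa (enabled)'
FROM sys.server_principals AS p
WHERE p.sid = 0x01
  AND p.is_disabled = 0

ORDER BY reason, principal_name;
```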
Schemas
SQL Server 2005 introduces schemas to the database. A schema is simply a named container for database objects. Each schema is a scope that fits into the hierarchy between database level and object level, and each schema has a specific owner. The owner of a schema can be a user, a database role, or an application role. The schema name takes the place of the owner name in the SQL Server multi-part object naming scheme. In SQL Server 2000 and previous versions, a table named Employee that was part of a database named Payroll and was owned by a user named Bob would be payroll.bob.employee. In SQL Server 2005, the table would have to be part of a schema. If payroll_app is the name of the SQL Server 2005 schema, the table name in SQL Server 2005 is payroll.payroll_app.employee. Schemas solve an administration problem that occurs when each database object is named after the user who creates it. In SQL Server versions prior to 2005, if a user named Bob (who is not dbo) creates a series of tables, the tables would be named after Bob. If Bob leaves the company or changes job assignments, these tables would have to be manually transferred to another user. If this transfer were not performed, a security problem could ensue. Because of this, prior to SQL Server 2005, DBAs were unlikely to allow individual users to create database objects such as tables. Each table would be created by someone acting as the special dbo user and would have a user name of dbo. Because, in SQL Server 2005, schemas can be owned by roles, special roles can be created to own schemas if needed; every database object need not be owned by dbo. Not having every object owned by dbo makes for more granular object management and makes it possible for users (or applications) that need to dynamically create tables to do so without dbo permission. Having schemas that are role-based does not mean that it's a good practice to have every user be a schema owner. Only users who need to create database objects should be permitted to do so. The ability to create objects does not imply schema ownership; GRANTing Bob ALTER SCHEMA permission in the payroll_app schema can be accomplished without making Bob a schema owner. In addition, granting CREATE TABLE to a user does not allow that user to create tables; the user must also have ALTER SCHEMA permission on some schema in order to have a schema in which to create the table. Objects created in a schema are owned by the schema owner by default, not by the creator of the object. This makes it possible for a user to create tables in a known schema without the administrative problems that ensue when that user leaves the company or switches job assignments. Each user has a default schema. If an object is created or referenced in a SQL statement by using a one-part name, SQL Server first looks in the user's default schema. If the object isn't found there, SQL Server looks in the dbo schema. The user's default schema is assigned by using the CREATE USER or ALTER USER DDL statements. If no default schema is specified, the default is dbo. Using named schemas for like groups of database objects and assigning each user's default schema to dbo is a way to mandate using two-part object names in SQL statements. This is because objects that are not in the dbo schema will not be found when a one-part object name is specified. Migrating groups of user objects out of the dbo schema is also a good way to allow users to create and manage objects if needed (for example, to install an application package) without making the installing user dbo.

Best practices for using schemas
- Group like objects together into the same schema.
- Manage database object security by using ownership and permissions at the schema level.
- Have distinct owners for schemas. Not all schemas should be owned by dbo.
- Minimize the number of owners for each schema.
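Added example (not code from this project or from the quoted whitepaper): the payroll / payroll_app / Bob scenario above as DDL, showing a role-owned schema, a user who can create tables in it without owning it, the two-part-name requirement that a dbo default schema imposes, and a catalog check that the new table belongs to the schema owner. It assumes a database named payroll and an existing login named bob.

```sql
USE payroll;
GO
-- A role, not a person, owns the schema, so nothing is orphaned when Bob leaves.
CREATE ROLE payroll_app_owner;
GO
CREATE SCHEMA payroll_app AUTHORIZATION payroll_app_owner;   -- must start its batch
GO
-- Bob: default schema dbo, CREATE TABLE in the database, ALTER on the schema.
-- He is not the schema owner. (Assumes a login named bob already exists.)
CREATE USER bob FOR LOGIN bob WITH DEFAULT_SCHEMA = dbo;
GRANT CREATE TABLE TO bob;
GRANT ALTER ON SCHEMA::payroll_app TO bob;
GO
-- Acting as Bob: CREATE TABLE succeeds only because both permissions are held.
EXECUTE AS USER = 'bob';
    CREATE TABLE payroll_app.employee (id int PRIMARY KEY, name nvarchar(100));
    -- A one-part name "employee" would be resolved in dbo (Bob's default schema)
    -- and fail, which is the point: callers must write payroll_app.employee.
    SELECT name FROM payroll_app.employee;
REVERT;
GO
-- Check: the table is owned by the schema owner (the role), not by bob.
-- sys.tables.principal_id is NULL when an object is owned by its schema's owner.
SELECT s.name  AS schema_name,
       sp.name AS schema_owner,
       t.name  AS table_name,
       COALESCE(USER_NAME(t.principal_id), sp.name) AS object_owner
FROM sys.tables AS t
JOIN sys.schemas             AS s  ON s.schema_id = t.schema_id
JOIN sys.database_principals AS sp ON sp.principal_id = s.principal_id
WHERE s.name = 'payroll_app';
```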
Authorization
Authorization is the process of granting permissions on securables to users. At an operating system level, securables might be files, directories, registry keys, or shared printers. In SQL Server, securables are database objects. SQL Server principals include both instance-level principals, such as Windows logins, Windows group logins, SQL Server logins, and server roles, and database-level principals, such as users, database roles, and application roles. Except for a few objects that are instance-scoped, most database objects, such as tables, views, and procedures, are schema-scoped. This means that authorization is usually granted to database-level principals. In SQL Server, authorization is accomplished via Data Access Language (DAL) rather than DDL or DML. In addition to the two DAL verbs, GRANT and REVOKE, mandated by the ISO-ANSI standard, SQL Server also contains a DENY DAL verb. DENY differs from REVOKE when a user is a member of more than one database principal. If a user Fred is a member of three database roles A, B, and C and roles A and B are GRANTed permission to a securable, if the permission is REVOKEd from role C, Fred still can access the securable. If the securable is DENYed to role C, Fred cannot access the securable. This makes managing SQL Server similar to managing other parts of the Windows family of operating systems. SQL Server 2005 makes each securable available by using DAL statements and makes permissions more granular than in previous versions. For example, in SQL Server 2000 and earlier versions, certain functions were available only if a login was part of the sysadmin role. Now sysadmin role permissions are defined in terms of GRANTs. Equivalent access to securables can be achieved by GRANTing a login the CONTROL SERVER permission. An example of better granularity is the ability to use SQL Server Profiler to trace events in a particular database. In SQL Server 2000, this ability was limited to the special dbo user. The new granular permissions are also arranged in a hierarchy; some permissions imply other permissions. For example, CONTROL permission on a database object type implies ALTER permission on that object as well as all other object-level permissions. SQL Server 2005 also introduces the concept of granting permissions on all of the objects in a schema. ALTER permission on a SCHEMA includes the ability to CREATE, ALTER, or DROP objects in that SCHEMA. The DAL statement that grants access to all securables in the payroll schema is:

    GRANT SELECT ON schema::payroll TO fred

The advantage of granting permissions at the schema level is that the user automatically has permissions on all new objects created in the schema; explicit grant after object creation is not needed. For more information on the permission hierarchy, see the Permission Hierarchy section of SQL Server Books Online. A best practice for authorization is to encapsulate access through modules such as stored procedures and user-defined functions. Hiding access behind procedural code means that users can only access objects in the way the developer and database administrator (DBA) intend; ad hoc changes to objects are disallowed. An example of this technique would be permitting access to the employee pay rate table only through a stored procedure "UpdatePayRate." Users that need to update pay rates would be granted EXECUTE access to the procedure, rather than UPDATE access to the table itself. In SQL Server 2000 and earlier versions, encapsulating access was dependent on a SQL Server feature known as ownership chains. In an ownership chain, if the owner of stored procedure A and the owner of table B that the stored procedure accesses are the same, no permission check is done. Although this works well most of the time, even with multiple levels of stored procedures, ownership chains do not work when:
- The database objects are in two different databases (unless cross-database ownership chaining is enabled).
- The procedure uses dynamic SQL.
- The procedure is a SQLCLR procedure.
SQL Server 2005 contains features to address these shortcomings, including signing of procedural code, alternate execution context, and a TRUSTWORTHY database property if ownership chaining is desirable because a single application encompasses multiple databases. All of these features are discussed in this white paper. A login can only be granted authorization to objects in a database if a database user has been mapped to the login. A special user, guest, exists to permit access to a database for logins that are not mapped to a specific database user. Because any login can use the database through the guest user, it is suggested that the guest user not be enabled. SQL Server 2005 contains a new type of user, a user that is not mapped to a login. Users that are not mapped to logins provide an alternative to using application roles. You can invoke selective impersonation by using the EXECUTE AS statement (see Execution Context later in this paper) and allow that user only the privileges needed to perform a specific task. Using users without logins makes it easier to move the application to a new instance and limits the connectivity requirements for the function. You create a user without a login using DDL:

    CREATE USER mynewuser WITHOUT LOGIN

Best practices for database object authorization
- Encapsulate access within modules.
- Manage permissions via database roles or Windows groups.
- Use permission granularity to implement the principle of least privilege.
- Do not enable guest access.
- Use users without logins instead of application roles.
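Added example (not code from this project or from the quoted whitepaper) that walks through the authorization points above: Fred in roles A, B and C to show REVOKE versus DENY, the UpdatePayRate procedure as the only path to the pay-rate table, a user without a login as its execution context (so the procedure does not depend on ownership chaining), and guest access switched off. It assumes a database named payroll and an existing login named fred; the schema, table and role names are placeholders.

```sql
USE payroll;
GO
-- The securable: a pay-rate table in a payroll schema (placeholder names).
CREATE SCHEMA payroll;
GO
CREATE TABLE payroll.employee_pay (employee_id int PRIMARY KEY, pay_rate decimal(10,2));
GO
-- Fred belongs to three roles; A and B are granted SELECT, C is not.
CREATE USER fred FOR LOGIN fred;            -- assumes a login named fred exists
CREATE ROLE role_a;  CREATE ROLE role_b;  CREATE ROLE role_c;
EXEC sp_addrolemember 'role_a', 'fred';
EXEC sp_addrolemember 'role_b', 'fred';
EXEC sp_addrolemember 'role_c', 'fred';
GRANT SELECT ON payroll.employee_pay TO role_a;
GRANT SELECT ON payroll.employee_pay TO role_b;
GO
-- REVOKE from C only removes a grant C never had: fred still reads via A and B.
REVOKE SELECT ON payroll.employee_pay FROM role_c;
EXECUTE AS USER = 'fred';
    SELECT HAS_PERMS_BY_NAME('payroll.employee_pay', 'OBJECT', 'SELECT') AS can_select;  -- 1
REVERT;
GO
-- DENY to C overrides the GRANTs held through A and B: fred can no longer read.
DENY SELECT ON payroll.employee_pay TO role_c;
EXECUTE AS USER = 'fred';
    SELECT HAS_PERMS_BY_NAME('payroll.employee_pay', 'OBJECT', 'SELECT') AS can_select;  -- 0
REVERT;
GO
-- Encapsulation: the only way to change a pay rate is the procedure. It runs as
-- a user without a login that holds just what the UPDATE needs (SELECT is
-- required for the WHERE clause), so callers never get table permissions and
-- the check does not rely on ownership chaining.
CREATE USER payrate_writer WITHOUT LOGIN;
GRANT SELECT, UPDATE ON payroll.employee_pay TO payrate_writer;
GO
CREATE PROCEDURE payroll.UpdatePayRate
    @employee_id int,
    @new_rate    decimal(10,2)
WITH EXECUTE AS 'payrate_writer'
AS
BEGIN
    UPDATE payroll.employee_pay
       SET pay_rate = @new_rate
     WHERE employee_id = @employee_id;
END;
GO
GRANT EXECUTE ON payroll.UpdatePayRate TO role_a;   -- EXECUTE on the module, never UPDATE on the table
-- And close the path the text warns about: no access to this database through guest.
REVOKE CONNECT FROM guest;
```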
Source Code:
// Login page (partial class _Default)
using System;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;
using System.Diagnostics;

public partial class _Default : System.Web.UI.Page
{
    // Local instance, integrated security; no password is kept in the connection string.
    string cnstr = "Server=.;Trusted_Connection=true;Database=asp;";
    SqlConnection cn;

    protected void Page_Load(object sender, EventArgs e)
    {
    }

    protected void btnSubmit_Click(object sender, EventArgs e)
    {
        // Hard-coded administrator credentials (Admin/Admin) as written in the project;
        // the administrator never touches the login table.
        if ((txtUname.Text == "Admin") && (txtPwd.Text == "Admin"))
        {
            Session["username"] = txtUname.Text;
            Response.Redirect("Admin.aspx");
        }
        else
        {
            cn = new SqlConnection(cnstr);
            cn.Open();
            // The original selected every row of login and scanned them in the loop below
            // while leaving the parameters it declared unused; @username now filters the query.
            string str = "select * from login where username = @username";
            SqlCommand cmd = new SqlCommand(str, cn);
            cmd.Parameters.Add("@username", SqlDbType.VarChar);
            cmd.Parameters["@username"].Value = txtUname.Text;
            cmd.Parameters.Add("@password", SqlDbType.VarChar);
            cmd.Parameters["@password"].Value = txtPwd.Text;
            SqlDataReader dr = cmd.ExecuteReader();
            while (dr.Read())
            {
                // Column 0 is the user name, column 1 the password; passwords are stored
                // and compared in clear text in this project.
                if (dr.GetValue(0).Equals(txtUname.Text))
                {
                    if (dr.GetValue(1).Equals(txtPwd.Text))
                    {
                        // The body of the successful-login branch is missing from the page.
                    }
                }
            }
            dr.Close();
            cn.Close();
        }
    }
}
// Examination page (partial class MyExam)
using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;
using System.Windows.Forms;
using System.Security.Cryptography;
using System.IO;
using System.Text;
using System.Diagnostics;

public partial class MyExam : System.Web.UI.Page
{
    SqlConnection cn;
    SqlCommand cmd;
    SqlDataReader dr;
    SqlDataAdapter adp;
    DataTable dt;
    // static: one question position shared by every user of the application, not per session.
    static int RowIndex;
    string cnstr = "Server=.;Trusted_Connection=true;Database=asp;";
    // 8-byte DES key embedded in the source; Decrypt also reuses it as the IV.
    static byte[] bytes = ASCIIEncoding.ASCII.GetBytes("ZeroCool");

    protected void Page_Load(object sender, EventArgs e)
    {
        username.Text = Convert.ToString(Session["username"]);
        // Parameterized; the original concatenated username.Text into the SQL text.
        string str = "select examtype from login where username = @username";
        cn = new SqlConnection(cnstr);
        cn.Open();
        cmd = new SqlCommand(str, cn);
        cmd.Parameters.AddWithValue("@username", username.Text);
        dr = cmd.ExecuteReader();
        if (dr.Read())
        {
            etype.Text = Convert.ToString(dr.GetValue(0));
        }
        dr.Close();
        cn.Close();

        // Load every question of the subject into a DataTable for paging.
        string sqlstr = "select * from newquestions where subject = @subject";
        cn = new SqlConnection(cnstr);
        adp = new SqlDataAdapter(sqlstr, cn);
        adp.SelectCommand.Parameters.AddWithValue("@subject", etype.Text);
        DataSet ds = new DataSet();
        cn.Open();
        adp.Fill(ds);
        dt = ds.Tables[0];
        // RowIndex = 0;
        display();
        cn.Close();
    }

    // DES/CBC decryption with the shared key used as IV; input is Base64 from Admin.Encrypt.
    public static string Decrypt(string cryptedString)
    {
        if (String.IsNullOrEmpty(cryptedString))
        {
            throw new ArgumentNullException("The string which needs to be decrypted can not be null.");
        }
        DESCryptoServiceProvider cryptoProvider = new DESCryptoServiceProvider();
        MemoryStream memoryStream = new MemoryStream(Convert.FromBase64String(cryptedString));
        CryptoStream cryptoStream = new CryptoStream(memoryStream,
            cryptoProvider.CreateDecryptor(bytes, bytes), CryptoStreamMode.Read);
        StreamReader reader = new StreamReader(cryptoStream);
        return reader.ReadToEnd();
    }

    // Shows the question at RowIndex (column 1 = question number, column 2 = question text).
    private void display()
    {
        DataRow drow = dt.Rows[RowIndex];
        txtqno.Text = Convert.ToString(drow[1]);
        txtQues.Text = Convert.ToString(drow[2]);
    }

    protected void btnPre_Click(object sender, EventArgs e)
    {
        RowIndex--;
        if (RowIndex < 0)
        {
            RowIndex = 0;   // was commented out in the original; without it display() indexes dt.Rows[-1]
            // MessageBox.Show runs on the web server, not in the user's browser.
            MessageBox.Show("Already at First Question");
        }
        display();
    }

    protected void btnNex_Click(object sender, EventArgs e)
    {
        int val = RowIndex + 1;
        // Parameterized; the original concatenated val and etype.Text into the SQL text.
        string sqlquery = "select answer from newquestions where qno = @qno and subject = @subject";
        cn = new SqlConnection(cnstr);
        cn.Open();
        cmd = new SqlCommand(sqlquery, cn);
        cmd.Parameters.AddWithValue("@qno", val);
        cmd.Parameters.AddWithValue("@subject", etype.Text);
        dr = cmd.ExecuteReader();
        if (dr.Read())
        {
            // The stored answer is DES-encrypted; the selected choice text is compared with its plaintext.
            // None of the branches records a score; the project left the result messages commented out.
            if (RadioButtonList1.SelectedItem.Text == "Choice1")
            {
                string str = txtChoice1.Text;
                if (str.Equals(Decrypt(dr.GetString(0))))
                {
                    // MessageBox.Show("Correct Answer Choice1");
                }
            }
            else if (RadioButtonList1.SelectedItem.Text == "Choice2")
            {
                string str = txtChoice2.Text;
                if (str.Equals(Decrypt(dr.GetString(0))))
                {
                    // MessageBox.Show("Correct Answer Choice2");
                }
            }
            else if (RadioButtonList1.SelectedItem.Text == "Choice3")
            {
                string str = txtChoice3.Text;
                if (str.Equals(Decrypt(dr.GetString(0))))
                {
                    // MessageBox.Show("Correct Answer Choice3");
                }
            }
            else // if (RadioButtonList1.SelectedItem.Text == "Choice4")
            {
                string str = txtChoice4.Text;
                if (str.Equals(Decrypt(dr.GetString(0))))
                {
                    // MessageBox.Show("Correct Answer Choice4");
                }
            }
        }
        dr.Close();
        cn.Close();
        RowIndex++;
        if (RowIndex == dt.Rows.Count)
        {
            RowIndex = dt.Rows.Count - 1;
            btnSubmit.Visible = true;
        }
        display();
    }

    protected void btnSubmit_Click(object sender, EventArgs e)
    {
        Session["username"] = null;
        Response.Redirect("Default.aspx");
    }
}

// Screen recorder used for remote monitoring (Windows Forms application)
#region Using directives
//Kishor datta gupta
//kdgupta87@gmail.com
//www.kishordgupta.wordpress.com
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Drawing;
using System.Data;
using System.Text;
using System.Windows.Forms;
using AviFile;
using System.Threading;
using System.IO;
#endregion

namespace ScreenCapture
{
    public partial class Form1 : Form
    {
        // AviFile is a third-party AVI wrapper; output.avi is created in the working directory.
        AviManager aviManager = new AviManager("output.avi", false);
        int ScreenWidth = Screen.PrimaryScreen.Bounds.Width;
        int ScreenHeight = Screen.PrimaryScreen.Bounds.Height;
        VideoStream aviStream = null;

        public Form1()
        {
            InitializeComponent();
        }

        // Captures one frame of the primary screen and appends it to the AVI stream.
        public void startrecording()
        {
            if (aviStream == null)
            {
                return;   // recording has not been started with button1 yet
            }
            Bitmap b = new Bitmap(ScreenWidth, ScreenHeight);
            using (Graphics g = Graphics.FromImage(b))
            {
                g.CopyFromScreen(Point.Empty, Point.Empty, Screen.PrimaryScreen.Bounds.Size);
            }
            aviStream.AddFrame(b);
            b.Dispose();
        }

        // Start: first frame opens the video stream at 4 frames per second, then the timer drives capture.
        private void button1_Click(object sender, EventArgs e)
        {
            Bitmap bi = new Bitmap(ScreenWidth, ScreenHeight);
            using (Graphics g = Graphics.FromImage(bi))
            {
                g.CopyFromScreen(Point.Empty, Point.Empty, Screen.PrimaryScreen.Bounds.Size);
            }
            aviStream = aviManager.AddVideoStream(true, 4, bi);
            bi.Dispose();
            timer1.Enabled = true;
        }

        // Stop: halt the timer and finalize the AVI file.
        private void button2_Click(object sender, EventArgs e)
        {
            timer1.Enabled = false;
            aviManager.Close();
        }

        private void timer1_Tick(object sender, EventArgs e)
        {
            startrecording();
        }

        private void Form1_Load(object sender, EventArgs e)
        {
        }
    }
}
// Question entry page (partial class Admin)
using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;
using System.Windows.Forms;
using System.Security.Cryptography;
using System.IO;
using System.Text;

public partial class Admin : System.Web.UI.Page
{
    string cnstr = "Server=.;Trusted_Connection=true;Database=asp;";
    SqlConnection cn;
    SqlDataReader dr;
    string c1, c2, c3, c4, ans;
    // Same hard-coded DES key/IV as MyExam; both pages must agree on it.
    static byte[] bytes = ASCIIEncoding.ASCII.GetBytes("ZeroCool");
    SqlCommand cmd;
    int qno;

    protected void Page_Load(object sender, EventArgs e)
    {
        sessionName.Text = Convert.ToString(Session["username"]);
    }

    protected void btnSubmit_Click(object sender, EventArgs e)
    {
        // Next question number = number of questions already stored for the subject + 1.
        // Parameterized; the original concatenated DropDownList1.Text into the SQL text.
        string sqlquery = "select count(subject) as qtype from newquestions where subject = @subject";
        cn = new SqlConnection(cnstr);
        cn.Open();
        cmd = new SqlCommand(sqlquery, cn);
        cmd.Parameters.AddWithValue("@subject", DropDownList1.Text);
        dr = cmd.ExecuteReader();
        if (dr.Read())
        {
            try
            {
                qno = Convert.ToInt16(dr.GetValue(0));
                qno = qno + 1;
            }
            catch (InvalidCastException ex)
            {
                // MessageBox.Show runs on the web server, not in the user's browser.
                MessageBox.Show(ex.Message);
            }
        }
        // Choices and the answer are stored DES-encrypted (see Encrypt below).
        c1 = Encrypt(txtChoice1.Text);
        c2 = Encrypt(txtChoice2.Text);
        c3 = Encrypt(txtChoice3.Text);
        c4 = Encrypt(txtChoice4.Text);
        ans = Encrypt(txtAns.Text);
        dr.Close();
        // Parameterized insert in the original column order
        // (subject, qno, question, choice1..4, answer); the original concatenated the values.
        string query = "insert into newquestions values (@subject, @qno, @question, @c1, @c2, @c3, @c4, @answer)";
        cmd = new SqlCommand(query, cn);
        cmd.Parameters.AddWithValue("@subject", DropDownList1.Text);
        cmd.Parameters.AddWithValue("@qno", Convert.ToString(qno));
        cmd.Parameters.AddWithValue("@question", txtQues.Text);
        cmd.Parameters.AddWithValue("@c1", c1);
        cmd.Parameters.AddWithValue("@c2", c2);
        cmd.Parameters.AddWithValue("@c3", c3);
        cmd.Parameters.AddWithValue("@c4", c4);
        cmd.Parameters.AddWithValue("@answer", ans);
        cmd.ExecuteNonQuery();
        MessageBox.Show("Question Updated Successfully");
        cn.Close();
        Response.Redirect("Admin.aspx");
    }

    // DES/CBC encryption with the shared key used as IV; returns Base64 for storage.
    public static string Encrypt(string originalString)
    {
        if (String.IsNullOrEmpty(originalString))
        {
            throw new ArgumentNullException("The string which needs to be encrypted can not be null.");
        }
        DESCryptoServiceProvider cryptoProvider = new DESCryptoServiceProvider();
        MemoryStream memoryStream = new MemoryStream();
        CryptoStream cryptoStream = new CryptoStream(memoryStream,
            cryptoProvider.CreateEncryptor(bytes, bytes), CryptoStreamMode.Write);
        StreamWriter writer = new StreamWriter(cryptoStream);
        writer.Write(originalString);
        writer.Flush();
        cryptoStream.FlushFinalBlock();
        writer.Flush();
        return Convert.ToBase64String(memoryStream.GetBuffer(), 0, (int)memoryStream.Length);
    }
}
Screens: