Communications Network Security (Windows Embedded CE 6.0)
1/6/2010
Security for communications requires special attention because the network interface provides an access point to a device that can be used remotely by an attacker. It is easier for an attacker to remain anonymous or undetected through a network-based attack. This makes determining the source of the attack more difficult.
In general, client applications on a network are relatively more secure than servers or service applications. Clients initiate contacts with specific servers and specify the nature of their requests. This allows the client applications to determine the nature of incoming data and the identity of the server or service; they can reject unsolicited communications. Although clients are not immune to security problems, they have more control over the nature of communications because they initiate communications, and this reduces the surface of vulnerability. Examples of client applications are browsers, e-mail clients, and FTP clients.
Servers are more exposed because they wait to receive requests from clients on the network. Requests can come from anywhere in the network. When the server is exposed to the public interface, the surface of vulnerability increases considerably. Examples of server applications include Web servers, FTP servers, and Telnet servers.
The following list describes the mitigation techniques that you can use:
- Use authentication.
When setting up authentication, you should consider whether it is important to authenticate the client to the server, the server to the client, or both. For example, when you connect to a bank, you need to verify the identity of the entity that you are giving credentials to. In this case, you need mutual authentication. On the other hand, when you browse a Web site to get information, you may not care about the identity of the entity that is providing the information.
When considering authentication methods, you should be aware that some methods are more vulnerable than others. For example, some methods pass user names and passwords in clear text, which allows anyone who is monitoring the communication to intercept user credentials.
For more information about authentication, see Authentication Services.
- Use tamper-resistant and privacy-enhanced technologies.
To protect data and other assets from being accessed, changed, and deleted, you can use the Secure Sockets Layer (SSL) protocol. It encrypts data as it travels between the client and the server, and it uses message authentication codes to provide data integrity. For more information, see SSL to Enhance Security of Network Communication.
- Limit access to services and data.
To protect data and other assets, you can use access control lists with COM or Web servers to identify the users and determine the access permissions to resources or services. Many server applications offer their own form of control mechanism.
- Use encryption.
For data privacy and integrity, you can use CryptoAPI. It provides services that enable Microsoft Win32-based applications to encrypt and decrypt data, authenticate using digital signatures, and encode to and decode from ASN.1.
For more information, see Microsoft Cryptographic System.
- Isolate your process and use exception handling to provide stability and availability of services.
Make sure that your servers or service applications handle process or memory failures gracefully by using useful error messages. Malicious attackers may cause your application to fail or they may tie up network services by flooding the device with too many requests or by sending large files. For example, Message Queuing (MSMQ) rejects SOAP-based messages sent through HTTP when the message sizes exceed the limits defined in the registry. MSMQ sends an error message when a message is rejected. The buffer size can be optimized for specific applications through the registry.
You can provide stability for your application by terminating a service before the device resources are consumed. For example, Universal Plug and Play (UPnP) limits the number of subscribers to the service and rejects new subscriptions when the maximum number is reached. The subscriber limit can be optimized for specific applications through the registry.
- Add a firewall to your internetwork.
To isolate internal data packets from exposure to the Internet, you can add a network firewall. This also prevents random Internet traffic from entering your internetwork. For information about enabling an IP Firewall, see IP Firewall OS Design Development.
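The message-size and subscriber limits described above for MSMQ and UPnP follow one pattern: decide on admission before committing device resources, and return an explicit rejection. The following portable C is an added example, not code from Windows Embedded CE or from this page; the limit values, type and function names, and subscriber identifiers are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Hypothetical limits (assumptions); a device would load them from configuration. */
#define MAX_BODY_BYTES  65536L
#define MAX_SUBSCRIBERS 2
typedef enum { ADMIT, REJECT_MALFORMED, REJECT_TOO_LARGE,
               REJECT_FULL, REJECT_DUPLICATE } verdict_t;
typedef struct { char ids[MAX_SUBSCRIBERS][32]; int count; } sub_table_t;

/* Decide from the declared Content-Length value alone, before any body
   bytes are buffered, so an oversized request costs the device no memory. */
verdict_t check_declared_length(const char *value) {
    char *end;
    long n;
    if (value == NULL || *value < '0' || *value > '9')
        return REJECT_MALFORMED;       /* empty, signed, or non-numeric */
    errno = 0;
    n = strtol(value, &end, 10);
    if (errno == ERANGE)
        return REJECT_TOO_LARGE;       /* overflowed long: certainly too big */
    if (*end != '\0')
        return REJECT_MALFORMED;       /* trailing garbage such as "10abc" */
    return n > MAX_BODY_BYTES ? REJECT_TOO_LARGE : ADMIT;
}

/* Fixed-size table: when it is full, new subscribers are refused, not queued. */
verdict_t subscribe(sub_table_t *t, const char *id) {
    if (id == NULL || *id == '\0' || strlen(id) >= sizeof t->ids[0])
        return REJECT_MALFORMED;       /* identifier would not fit a slot */
    for (int i = 0; i < t->count; i++)
        if (strcmp(t->ids[i], id) == 0)
            return REJECT_DUPLICATE;   /* one identifier cannot hold several slots */
    if (t->count >= MAX_SUBSCRIBERS)
        return REJECT_FULL;
    strcpy(t->ids[t->count++], id);    /* length was checked above */
    return ADMIT;
}

int main(void) {
    sub_table_t t = { { { 0 } }, 0 };
    /* Constructed sample inputs: declared lengths and subscriber identifiers. */
    const char *lens[] = { "512", "65537", "99999999999999999999", "-1" };
    const char *subs[] = { "cp-a", "cp-a", "cp-b", "cp-c" };
    for (int i = 0; i < 4; i++)
        printf("%-20s -> %d    %s -> %d\n", lens[i], check_declared_length(lens[i]),
               subs[i], subscribe(&t, subs[i]));
}
```

Each verdict other than ADMIT maps to an error response sent to the client, so that a rejected request fails with a useful message instead of exhausting memory or subscription slots.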
See Also
Concepts
SSL to Enhance Security of Network Communication
Other Resources
Enhancing the Security of a Device
Authentication Services
Cryptography
Certificates