是否使用Web服务暴露一个.NET DAL添加安全? [英] Does using web services to expose a .NET DAL add security?
问题描述
目前我的雇主部署了3台服务器的Web应用程序。
Currently my employer deploys a web application over 3 servers.
- DB - 没有大众路线
- Web服务DAL - 没有大众路线
- Web服务器 - 大众路线
这样做的原因是理论,如果Web服务器被攻破,他们不直接到达DB,而是在DAL包装箱中。
The reason for this is the theory that if the web server is compromised, they don't arrive at the DB directly, but instead arrive at the DAL box.
在我看来,作为DAL框和网页服务器箱 - 无论是运行Windows / IIS - 如果公众箱已被破坏,同样的漏洞可能会在DAL箱的工作 - 所以我不认为这是一个真正的安全优势。
To my mind, as the DAL box and Web Sever box - both run windows/IIS - if the public box has been compromised, the same exploit would likely work on the DAL box - therefore I do not see this as a real security benefit.
我想建议我们取出中间的机器,并允许Web服务器直接连接到数据库。
I would like to propose we remove the middle machine and allow the web server to connect directly to the database.
这是中间的方框真正受益?
Is this middle box really a benefit?
推荐答案
web用户界面和数据库你们之间的Web服务层的安全好处是,在最好的,最小的。即使与网络基础设施由slugster建议的,你的攻击者只有无法从他/她的计算机访问Web服务。考虑到这样的折衷很可能也给攻击者某种形式的到Web服务器本身进行远程访问,则网络电平的访问限制是完全无用的。你可能会设法prevent某种形式连接的,但如果有人有兴趣在获得箱子,一旦他们得到它没有什么您的网络上,将能够从一个合法用户辨别攻击者。
The security benefits of a web service layer between you web UI and database are, at best, minimal. Even with the network infrastructure suggested by slugster, your attacker is only unable to access the web services from his/her machine. Considering such a compromise would most likely also give the attacker some form of remote access to the web server itself, your network level access restrictions are totally useless. You might manage to prevent some forms of attach, but if someone is interested in getting access to the box, once they get it there is nothing on your network that will be able to distinguish an attacker from a legitimate user.
什么使情况变得更糟的是,你被卡住code一层额外的,你必须要保持支持这一额外的一层,这意味着你将有更多的错误,它会需要更长的时间创建新的功能。
What makes it worse is that you are stuck with an extra layer of code that you have to maintain to support this extra layer, which means you are going to have more bugs, and it is going to take longer to create new features.
的一种方法,这将是利用一些由人们谈论的建筑上下文CQRS描述的技术。特别是在<一个href=\"http://skillsmatter.com/podcast/open-source-dot-net/udi-dahan-command-query-responsibility-segregation/rl-311\"相对=nofollow>由乌迪大汉此presentation 的他平了建议把你的数据库在Web服务器上,并且只存储数据在里面,你需要支持的网站。其他数据,业务数据,存储在别处,在一个单独的数据库中。你也可以使用NoSQL数据库,如MongoDB的或RavenDB为presentation数据并完全放弃了关系数据库。
One approach to this would be to utilize some of the techniques described by the folks talking about CQRS in an architectural context. Specifically in this presentation by Udi Dahan he flat out suggests putting your database on the web server, and only storing the data in it you need to support the web site. The other data, the business data, is stored elsewhere, in a separate database. You could also use NoSQL databases, like MongoDB or RavenDB for the presentation data and forgo the relational database altogether.
有很多的选择在那里,有的甚至会给你的安全,你的级别觉得的您与您现有的架构让。它始终是一个好主意,提供一些批判性思维,以这些类型的决策,我感到鼓舞的是你问这些各种各样的问题。
There are a lot of options out there, and some of them will even give you the level of security you think your getting with your current architecture. It is always a good idea to provide some critical thinking to these sorts of decisions, and I find it encouraging that your asking these sorts of questions.
祝你好运。
这篇关于是否使用Web服务暴露一个.NET DAL添加安全?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
