ESCAPE ONLINE 5 - Security
Microsoft .Net Framework Security
The .NET Framework security system functions atop traditional operating system security. This adds a second more expressive and extensible level to operating system security, with both layers complementing each other.
The .NET Framework uses a security model called role-based security. This means that users, and all code run on behalf of these users, are either permitted or not permitted to perform operations on critical resources.
Additionally, the .NET Framework provides code access security (also referred to as evidence-based security). With code access security, a user may be trusted to access a resource but if the code the user executes is not trusted, then access to the resource will be denied.
For an in-depth discussion about the .Net Framework, please see Microsoft's web site.
Escape Online Proprietary Security
Escape Online uses the .Net Framework to encrypt the data communication between the client and server. This prevents someone who intercepts data being transmitted between the client and server (using a packet sniffer) from being able to identify or use the data. Additionally, it uses the code access security in the routines for the client and server, not allowing a routine to function if accessed by non-Escape software. This prevents someone from writing a Trojan client program and connecting to the Escape Online server to extract data.
Escape Online 5 is a closed system, with controlled access through gateways. The Escape Online services on the server can only interact with code written by Escape Technology. We accomplish this using the .NET feature called strong naming, which embeds an encrypted key into every one of our assemblies.
Only Escape Online's Server Connection Point can create legitimate services during runtime. It supports only one public interface, and the protocol for communicating with this interface requires the use of the strong name key. All of our publications (which are what actually connect to our services) are contained in strong-named assemblies.
Each of the assemblies that comprise the application has a strong name key compiled into it. If a piece of code tries to communicate with a service, the system interrogates the request to make sure it has the strong name key. If it doesn't have the strong name key, the system won't allow the request to continue. You can't spoof any of our publications because you would not be able to strong-name them with our private security key, thus preventing "other" assemblies from impersonating Escape Online 5 assemblies.
Several of our key procedures, including, but not limited to the cryptology libraries also check to make sure they can only be loaded into an Escape, strong-named executable, making it impossible to decrypt any encrypted data using any 3rd-party program.
Additional Data Security
At the database level, Microsoft's SQL server requires that a program must first log into the database before the program can access any of the data.
During implementation, Escape Technology creates a named SQL server login Id and password with db_owner permissions to the Escape Online database. This secures the database against any unauthorized access by users or other programs.
In addition, user passwords for access to the Escape Online client are encrypted in the database. The encryption method is unique to each field. For example, even if two different users have the same password, the database field would contain totally different encrypted passwords. This protects against someone accessing the physical database and trying to give themselves access to another account.