Additional measures to be taken for Windows Azure security handling

The best security practice for developing Windows Azure applications describes what threats should be considered a major threat for applications running in Windows Azure. It also specifically describes the threats that Azure can mitigate and the content you need to invoke the API and what you need to handle yourself. (It does not address compliance issues.) ）

What you should be working on

I'll select some threats and what you should do and provide some references so you can learn more about how to implement them in your code. This list is available in the Windows Azure Security Overview. But the exact results will depend on you.

This list is not comprehensive. As you learned from the previous section of this series, you tailor your security practices to your own application needs.

Tampering with threats

Tamper/leak credentials or other sensitive application data. For SSL connections, use Windows
Identity Foundation and HTTPS mutual authentication.

See how to Manage Service certificates for information about adding certificates to storage, associating certificates with services, and updating certificates. In these cases, we assume that IT managers and service developers are two different people, but they may also be the same person. See Windows Identity Foundation to help developers simplify user access by claim user access from the application and using pre-built security logic and integrated. NET tools to reduce development effort.

Denying threats

Audit log collection, storage, and analysis. Use the monitoring and diagnostics APIs, as needed, to transfer logs through HTTPS to private Blob storage/table storage. See:

Control logging and tracking in Windows Azure (from MSDN magazine). Azure Monitor (code for real-time monitoring of Azure hosted applications). It contains libraries for capturing run-time process information to the cloud table store, and also includes desktop applications for real-time viewing of captured information. Use Windows Azure diagnostics (approximately one-third from the page's page). Windows Azure provides integrated functionality for monitoring, logging, and tracking in a deployed environment, often referred to as diagnostics. Although these features can also be used for debugging purposes, they are best suited to monitor changes in application performance over time.

Information Disclosure threat

Leaks any secret in the blob/table/queue store. Pre-encrypt confidential data before uploading. Do not store decryption keys in Windows Azure storage.

Leaks shared access signatures. Use HTTPS to securely transfer the shared access signature to the desired recipient and set the appropriate permissions on the container. See Managing access rights for BLOBs and containers to learn how to use shared access signatures.

Denial of service threat

A very large number of requests at the customer code/application level. Implement application-level request restrictions, if necessary. See Auto scaling and Windows Azure.

Privilege elevation

The service/Application settings are misconfigured. You must set the scope of all cookies and Document.domain properties to service subdomains (for example, http://contoso.cloudapp.net) instead of *.cloudapp.net

Cross-site request for WEB role forgery attack. Use ASP.net defense. See Using ASP.net's built-in capabilities to protect against Web attacks.

Cross-site scripting attacks on Web role. Use the ANTI-XSS library.

API Blur attacks on interfaces exposed by WEB role. Fuzzy testing of all interfaces and endpoints exposed to the WEB (or any other service) for code only

Use security test tools, including fuzzy test tools. "Blur" provides structured but invalid input to software application programming interfaces (APIs) and network interfaces, thereby maximizing the likelihood of detecting errors that could lead to software vulnerabilities.

File obfuscation attacks on custom file parsers provided by the application. Fuzzy testing of all proprietary network protocols or file format parsers.

Patch security vulnerabilities at the Web role/customer code level. Develop a security response and update plan.

Tools to assist in fuzzy testing can be obtained from the Microsoft Security Development Lifecycle (SDL) Web site. SDL includes a variety of free tools and processes. For example, you can use:

minifuzz Basic file Fuzzy testing tool is a simple fuzzy test tool for simplifying fuzzy test deployment. The regular expression file Blur Test tool is a tool for testing potential denial of service vulnerabilities.

SQL Azure

I added this section about SQL Azure because the platform provides other ways you should know to mitigate threats.

SQL Azure Security Management. Security management in the SQL Azure database is similar to the security management of the internal deployment instance of SQL Server. Managing database-level security is essentially the same, except for the parameters that are available. Because the SQL Azure database can be extended to one or more physical computers, the SQL Azure database uses different policies for server-level management.

SQL Azure Firewall. You can lock the database to provide access only to authorized users or computers. To help protect your data, SQL Azure firewall blocks all access to your SQL Azure server before you specify which computers have permissions. The firewall grants access based on the originating IP address of each request.