This document discusses building secure multi-tenant applications on .NET for cloud environments. It covers topics like tenant data isolation, role-based access control, securing data transmission and storage, addressing common web application vulnerabilities, and implementing security auditing. The speakers are introduced and their backgrounds are provided. Contact details and additional resources are listed at the end.

1. Building Multi-tenant Highly Secured
Applications on .NET for any Cloud -
Demystified
26-Jun-2013
www.techcello.com
(A Division of Asteor Software Inc)

2. © Techcello www.techcello.com
Housekeeping Instructions
 All phones are set to mute. If you have any questions, please type them in the Chat window
located beside the presentation panel.
 We have already received several questions from the registrants, which will be answered by the
speakers during the Q & A session.
 We will continue to collect more questions during the session as we receive and will try to answer
them during today’s session.
 In case if you do not receive answers to your question today, you will certainly receive answers via
email shortly.
 Thanks for your participation and enjoy the session!

3. © Techcello www.techcello.com
Techcello Introduction
 Cloud Ready, SaaS/Multi-
Tenant Application
Development Framework
 Provides end-end SaaS
Lifecycle Management
Solution
 Redefines the way enterprise
softwares are built and
managed
 Saves anywhere between 30-
50% of time and cost

4. © Techcello www.techcello.com
Speaker Profiles
 14+ years of experience in architecting cloud and SaaS solutions
for both ISVs and Enterprises
 Chief architect in designing and constructing CelloSaaS
framework
 Plays consultative role with customers in implementing technical
solutions
Jothi Rengarajan
Senior Technical Architect
TechCello
James McGovern
Chief Architect
Hewlett-Packard
 One of the top 10 enterprise technologists in the world
 Has authored more than 6 books on computing and dozens of
published articles
 Twenty years experience in developing, managing and deploying
large scale technology systems, business processes, and
strategies

5. Security in Multi-Tenancy
Protection of information. It deals with the prevention and detection of unauthorized
actions and ensuring confidentiality, integrity of data.
© Techcello www.techcello.com
 Tenant data isolation
 RBAC – Prevent unauthorized action
 Data security
 Web related top threats as per OWASP
 Security Audit trail

6. © Techcello www.techcello.com
Tenant Data Isolation
 Database
Routing Based
On Tenant
 Application
Layer Auto
Tenant Filter
 Tenant Based
View Filter

7. © Techcello www.techcello.com
Role Based Access Control (RBAC)
Authentication
• Kinds of authentication tokens and source
• Username Password
• Multi factor authentication
• Claims based Authentication
• User identification information
• Encrypted cookie
• Session
Identity store
• Custom Store
• Password encryption/ hashing
• Password change policy externalization
• Active Directory Integration
• Identity Federation

8. © Techcello www.techcello.com
Role Based Access Control (RBAC)
Federation servers
• Oracle Identity Federation Server
• ADFS
• Azure Access control service

9. Role Based Access Control (RBAC)
Authorization
• Use privileges to define roles
• Privilege based control for actions
• Privilege based access for data
• Role mapped to privileges and user mapped to roles
• Code demands necessary privileges
• Roles should be defined by business users
• Configuration based privilege control
© Techcello www.techcello.com

10. © Techcello www.techcello.com
OWASP – TOP 10 Threats 2013
 A1 Injection
 A2 Broken Authentication and Session Management (was formerly A3)
 A3 Cross-Site Scripting (XSS) (was formerly A2)
 A4 Insecure Direct Object References
 A5 Security Misconfiguration (was formerly A6)
 A6 Sensitive Data Exposure (merged from former A7 Insecure Cryptographic Storage and
former A9 Insufficient Transport Layer Protection)
 A7 Missing Function Level Access Control (renamed/broadened from former A8 Failure to
Restrict URL Access)
 A8 Cross-Site Request Forgery (CSRF) (was formerly A5)
 A9 Using Known Vulnerable Components (new but was part of former A6 – Security
Misconfiguration)
 A10 Unvalidated Redirects and Forwards

11. © Techcello www.techcello.com
OWASP – open web application security project
Web application top threats
• Man in middle attack
• Use secure channel - https
• SQL Injection
• Use parameterized queries
• Malicious script injection and Cross Site Scripting
• Validate input if it is a safe HTML
• URL escape, Html escape and Javascript escape untrusted data
• Cross site request
• Challenge-Response such as CAPTCHA
• Synchronizer Token
• Origin header

12. Encryption
• Preferred Symmetric compared to asymmetric due to performance
• Use Strong Keys
• Change Keys Periodically
Key storage
• Store in Key Vault and store away from encrypted data
• Double encryption
• Dual key storage
Database encryption
• Watch for Performance implications
• Encrypt only necessary columns
© Techcello www.techcello.com
Data Security – Data Storage

13. © Techcello www.techcello.com
Data Security – Sample Encryption Decryption Approach

14. © Techcello www.techcello.com
Data Security – Data Transit
Web Server to Application
server
• Soap Web Service
• WS-Security
• message security
• transport security -https
• client authentication - username,
certificate, claims federation
• Rest
• Https
• Custom asymmetric encryption
• custom authentication
End user browser to web
server
• Https
• Custom encryption
Application to Database
• Transport Security

15. © Techcello www.techcello.com
Security Audit
Event Audit
• Covers
• Who does the action?
• What action is performed?
• What is the context in which the operation is performed?
• What time is the action performed?
• Event audit information – subject, target, context, user, datetime
• Audit details stored in a separate datastore for better
performance
• Realtime audit details – audit cache server

16. © Techcello www.techcello.com
Security Audit
Transaction and Change Audit
• Transaction Audit
• Snapshot: Exact copy of the row stored in history tables
• More suitable if requests to access past data are more
• More data growth
• Change Audit
• Only the delta of the state change captured as part of change tables
• More suitable when changes need to be reported and past data are not required
much
• Used more for Security tracking purposes
• Easier to implement by using methods available out of the box in RDBMS such as
CDC for SQL server
• Asynchronous Mode : For better performance and if we wish that audit should not roll
back the transactions it is advisable to audit in a asynchronous thread.

17. Cello Stack – At a Glance
How does it work?
Administrative
Tenant
Licensing Metering Billing Data Backup Modules
Provisioning
Security
User
Role/Privilege
Auditing Modules
Management
Mgmt.
Custom Fields Custom LoV
Ad-hoc Builders
Cloud Ready, Multi-Tenant Application Development Framework
Single Sign-on
Dynamic Data
Scope
Business
Rules
Workflow
Dynamic
Forms
Enterprise Engines
Integration Modules
Settings
Template
Events Notification Templates
Query Chart Reports
Code
Productivity Boosters
Templates
Master Data
Mgmt.
Forms
Generation
Application Multi-Tenancy & Tenant Data Isolation
Themes &
Logo
Pre & Post
Processors
Configurability
Modules
Cello Cloud Adapters

18. © Techcello www.techcello.com
Contact Details
Jothi Rengarajan (jothi.r@techcello.com)
James McGovern (james.mcgovern@hp.com)
Reference URLs
Web : http://www.techcello.com
ROI Calculator : http://www.techcello.com/techcello-roi-calculator
Demo Videos : http://www.techcello.com/techcello-resources/techcello-product-
demo
SaaS e-Book: http://www.techcello.com/techcello-resources/techcello-resources-
white-papers
Thank You