Item Barcode | Call Number | Material Type | Item Category 1 |
---|---|---|---|
30000004826792 | QA76.9.A73 L36 2002 | Open Access Book | Book |
30000010029212 | QA76.9.A73 L36 2002 | Open Access Book | Book |
Summary
This text is a clearly written guide to building secure distributed applications with CORBA. It helps with securing CORBA applications, integrating security infrastructure with CORBA applications, and evaluating the security effectiveness of distributed applications. The book provides a comprehensive study of the CORBA security architecture, allowing for a better understanding of its goals and limitations. It is designed to serve as a complete reference for understanding security in distributed systems.
Author Notes
Ulrich Lang received his M.Sc. in Information Security from Royal Holloway College, at the University of London. Before that, he studied computer science with management at the Ludwig-Maximilians-Universität in Munich, Germany.
Mr. Lang is a researcher at the University of Cambridge Computer Laboratory, and co-founder and Research Director of ObjectSecurity Ltd.
Table of Contents
Foreword | p. xiii |
Preface | p. xv |
Acknowledgments | p. xvii |
1 Introduction to CORBA | p. 1 |
1.1 Why CORBA? | p. 1 |
1.1.1 The Business Perspective | p. 1 |
1.1.2 The Technical Perspective | p. 2 |
1.2 The Object Management Group | p. 6 |
1.3 The OMA | p. 7 |
1.3.1 Introduction | p. 7 |
1.3.2 ORB | p. 8 |
1.3.3 Object Services | p. 9 |
1.3.4 Common Facilities and Domains | p. 13 |
1.3.5 Application Interfaces | p. 13 |
1.3.6 Object Frameworks | p. 14 |
1.4 CORBA | p. 14 |
1.4.1 ORB Core | p. 15 |
1.4.2 Object References | p. 16 |
1.4.3 OMG IDL | p. 17 |
1.4.4 Language Mappings | p. 18 |
1.4.5 Static Invocation: Stubs and Skeletons | p. 19 |
1.4.6 Interface and Implementation Repositories | p. 19 |
1.4.7 Dynamic Invocation and Dispatch | p. 20 |
1.4.8 Object Adapters | p. 21 |
1.4.9 Inter-ORB Protocols | p. 22 |
1.5 How Does It All Work Together? | p. 23 |
1.5.1 The Client System at Run-Time | p. 24 |
1.5.2 The Server System at Run-Time | p. 26 |
1.5.3 Other Components | p. 26 |
1.6 Creating and Running an Example Application | p. 26 |
1.6.1 Writing a CORBA Application | p. 27 |
1.6.2 Running a CORBA Application | p. 34 |
1.7 Summary | p. 34 |
1.8 Further Reading: Books on CORBA | p. 35 |
References | p. 35 |
2 The Security Basics | p. 37 |
2.1 What Is Security? | p. 37 |
2.2 Why Security? | p. 38 |
2.3 Security Properties Within CORBA | p. 39 |
2.3.1 Confidentiality | p. 40 |
2.3.2 Integrity | p. 41 |
2.3.3 Availability | p. 41 |
2.3.4 Accountability | p. 42 |
2.3.5 Dependability | p. 42 |
2.4 Security Management | p. 43 |
2.4.1 Security Policy | p. 43 |
2.4.2 Risk Analysis | p. 47 |
2.4.3 Feedback: Analysis and Audit | p. 49 |
2.5 Threats, Vulnerabilities, and Countermeasures | p. 50 |
2.5.1 Threats | p. 50 |
2.5.2 Vulnerabilities | p. 52 |
2.5.3 Countermeasures | p. 53 |
2.6 Middleware Security | p. 53 |
2.6.1 Mutual Distrust | p. 54 |
2.6.2 Dynamic Interactions | p. 54 |
2.6.3 Scalability | p. 55 |
2.6.4 Layers of Abstraction | p. 55 |
2.7 Summary | p. 56 |
2.8 Further Reading: Books on Security | p. 57 |
References | p. 57 |
3 The CORBA Security Architecture | p. 59 |
3.1 Introduction | p. 59 |
3.2 Design Goals: CORBA Security Wish List | p. 60 |
3.2.1 Interoperability | p. 60 |
3.2.2 Transparency and Abstraction | p. 62 |
3.2.3 Flexibility, Portability, and Integration | p. 64 |
3.2.4 Scalability | p. 66 |
3.2.5 Reliability and Assurance | p. 67 |
3.2.6 Simplicity | p. 69 |
3.3 Architectural Components | p. 70 |
3.3.1 Principals and Credentials | p. 70 |
3.3.2 Administration: Policies and Domains | p. 72 |
3.3.3 Privilege Delegation | p. 78 |
3.3.4 Principal Authentication | p. 81 |
3.3.5 Security Context Establishment | p. 85 |
3.3.6 Message Protection | p. 90 |
3.3.7 Access Control | p. 96 |
3.3.8 Security Audit | p. 101 |
3.3.9 Nonrepudiation | p. 105 |
3.4 Secure CORBA on the Internet | p. 108 |
3.4.1 SSL/TLS | p. 109 |
3.4.2 Firewalls | p. 110 |
3.5 Conformance | p. 113 |
3.5.1 Level 1 Security | p. 114 |
3.5.2 Level 2 Security | p. 115 |
3.5.3 Nonrepudiation Option | p. 116 |
3.5.4 Security Replaceability | p. 116 |
3.5.5 CSI | p. 117 |
3.6 Features or Wish List? | p. 118 |
3.6.1 Interoperability | p. 119 |
3.6.2 Transparency and Abstraction | p. 120 |
3.6.3 Flexibility, Portability, Integration | p. 120 |
3.6.4 Scalability | p. 121 |
3.6.5 Reliability and Assurance | p. 121 |
3.6.6 Simplicity | p. 121 |
3.7 Summary | p. 122 |
3.8 Further Reading: Books on CORBA Security | p. 126 |
References | p. 126 |
4 Getting Started with MICOSec | p. 129 |
4.1 Introduction | p. 129 |
4.2 Free Software | p. 129 |
4.3 MICO | p. 130 |
4.3.1 Overview | p. 130 |
4.3.2 Installation | p. 131 |
4.4 MICOSec | p. 132 |
4.4.1 Overview | p. 133 |
4.4.2 Installation | p. 134 |
4.5 Summary | p. 140 |
4.6 Further Reading on MICO and MICOSec | p. 140 |
References | p. 141 |
5 Security Level 1 | p. 143 |
5.1 Introduction | p. 143 |
5.2 Level 1 Functionality | p. 144 |
5.3 Level 1 Interface | p. 145 |
5.4 A Security-Aware Bank Application Example | p. 147 |
5.4.1 Building and Running the Example | p. 147 |
5.4.2 SSL and X.509 Certificates | p. 151 |
5.4.3 The Target | p. 154 |
5.4.4 Security Attributes | p. 161 |
5.4.5 The Client | p. 164 |
5.5 Implementation Overview and Conformance | p. 167 |
5.6 Summary | p. 170 |
5.7 Further Reading | p. 170 |
References | p. 171 |
6 Security Level 2 | p. 173 |
6.1 Introduction | p. 173 |
6.2 Level 2 Functionality Overview | p. 174 |
6.3 Principal Authentication and Secure Association | p. 175 |
6.3.1 Principal Authentication | p. 176 |
6.3.2 Secure Association | p. 179 |
6.3.3 Security-Aware Bank Example: Authentication and Secure Association | p. 180 |
6.3.4 Building and Running the Example | p. 181 |
6.3.5 The Target | p. 183 |
6.3.6 The Client | p. 194 |
6.4 Object Domain Mapper for Access Control and Audit | p. 200 |
6.4.1 Introduction | p. 200 |
6.4.2 Mapping Information | p. 201 |
6.4.3 MICOSec Mapping Definition | p. 203 |
6.4.4 Mapping Process | p. 206 |
6.4.5 ODM Interfaces | p. 207 |
6.4.6 Static Per-POA Granularity | p. 209 |
6.4.7 Per-Object Granularity | p. 212 |
6.4.8 Dynamic Configuration | p. 213 |
6.4.9 Modifications to the CORBA Specification | p. 215 |
6.5 Access Control | p. 216 |
6.5.1 Interfaces | p. 218 |
6.5.2 The Bank Example | p. 220 |
6.5.3 Building and Running the Example | p. 221 |
6.5.4 The Target | p. 225 |
6.5.5 Client-Side Code Example | p. 242 |
6.6 Security Auditing | p. 247 |
6.6.1 Audit Interfaces | p. 247 |
6.6.2 Audit Filtering Policies | p. 249 |
6.6.3 Building and Running the Example | p. 252 |
6.6.4 Target Example | p. 253 |
6.7 Delegation | p. 259 |
6.7.1 Overview | p. 259 |
6.7.2 Delegation Mechanisms | p. 261 |
6.8 Implementation Overview and Conformance | p. 264 |
6.9 Summary | p. 266 |
6.10 Further Reading | p. 267 |
References | p. 267 |
7 Security-Unaware Functionality | p. 269 |
7.1 Introduction | p. 269 |
7.2 Security-Unaware Functionality Overview | p. 270 |
7.3 Principal Authentication and Secure Association | p. 271 |
7.3.1 Command Line Arguments | p. 271 |
7.3.2 Example Configuration | p. 273 |
7.4 Object Domain Mapping | p. 274 |
7.5 Access Control | p. 276 |
7.5.1 Bank Example | p. 276 |
7.6 Security Auditing | p. 280 |
7.6.1 Example Configuration | p. 281 |
7.7 Delegation | p. 285 |
7.7.1 Overview | p. 285 |
7.7.2 SSL and Delegation | p. 286 |
7.7.3 CSIv2-SAS Delegation | p. 287 |
7.8 Implementation Overview and Conformance | p. 287 |
7.9 Summary | p. 289 |
7.10 Further Reading | p. 291 |
References | p. 291 |
List of Acronyms | p. 293 |
About the Authors | p. 299 |
Index | p. 301 |