The Challenges of CORBA Security It is important to understand that [CORBAsecurity] is only a (powerful) security toolbox and not the solution to all security.


1 The Challenges of CORBA Security
It is important to understand that [CORBAsecurity] is only a (powerful) security toolbox and not the solution to all security problems.
A.Alireza, U.Lang, M.Padelis, R.Schreiner, M.Schumacher
Presented by Roneel Naidu

2 Outline of Presentation
What is CORBA?
CORBA Security Service
Access Control
Conclusion
Questions

3 What is CORBA? (1)
Traditional Client-Server Model
What happens when?
–Many Clients and Servers over some network
–Implemented in different languages
–Running on different platforms, etc.
Want to do distributed computing!
[Diagram: Client, Server]

4 What is CORBA? (2)
Introduce a Middleman – Object Request Broker (ORB)
The ORB is like a software bus
Note: Client/Server are just roles – can change
[Diagram: Client, Server, ORB]

5 What is CORBA? (3)
Interact with ORB through language and platform independent interfaces (IDL)
Objects / Components deal with each other as if they are local.
[Diagram: Client, Server, ORB, IDL, Logical]

6 What is CORBA? (4)
Different ORBs communicate with each other through a standard protocol (IIOP)
[Diagram: Client, Server, ORB, IDL, ORB, IIOP, Logical]

7 What is CORBA? (5)
CORBA – Common Object Request Broker Architecture
–A specification that ORB manufacturers can comply with
–Says what a CORBA compliant ORB should do, not how
–Only defines core functionality

8 What is CORBA? (6)
Object Services
–Are outside the ORB
–Examples: Naming Service, Trading Service, Transaction Service, Security Service (CORBAsec)
[Diagram: Client, Server, ORB, Object Service]

9 CORBA Security Service (1)
Like CORBA, it is just a specification that vendors can implement
Covers aspects of security and defines the implementation details for each aspect.
Does not specify security mechanisms to be used
–Like a Framework?
–But type of security technology influences available features
Objects do not need to know about security
–Security Service mediates calls as they are processed by the ORB

10 CORBA Security Service (2)
Principal
–Entities that first cause some security-relevant event
–Human user or System entity that can authenticate itself
Usually by some secret key, i.e. password
[Diagram: Principal]

11 CORBA Security Service (3)
Credential
–All information that CORBAsec requires to decide what its principal is and isn't allowed to do
–Contains two types of Attributes: Identity, Privilege
[Diagram: Principal, Credential]

12 Access Control (1)
What methods (services) can some client invoke on some server?
Two places that access control could be done
–Component Level
–ORB Level
CORBAsec does it at ORB level
[Diagram: Client, Server, ORB, Request]

13 Access Control (2)
Access Decision Function
–Simple yes/no
[Diagram: Client Security Attributes, Server Control Attributes, ADF, Decision]

14 Access Control (3)
Many Users
–Administrators can't keep track of individual requirements
–Groups – kept in Credentials
Many Servers
–Administrators can't keep track of individual requirements
–Policies assignable to many servers
But need to group operations as well (Access Rights)

15 Access Control (4)
So we have predefined Access Rights that are known to both developers and administrators
–Only a few currently
–Do not fit all application scenarios
–Thus (currently) better to implement access control at component level
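
The access decision function from slides 13 to 15, as an added Python sketch that is not part of the original presentation and is not a CORBAsec API: it takes a yes/no decision from the groups in a credential and the rights required per operation, then shows why a few predefined rights cannot separate operations that need different treatment. The interface, operation, group and right names are constructed sample values.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Credential:
    identity: str          # identity attribute
    groups: frozenset      # privilege attributes (group membership)

# Server control attributes (constructed): rights required per operation.
# Grouping operations under rights lets one policy cover many servers.
REQUIRED_RIGHTS = {
    ("Account", "balance"): {"get"},
    ("Account", "update_address"): {"set"},
    ("Account", "approve_payment"): {"set"},
    ("Account", "close"): {"set", "manage"},
}

# Policy shared by all servers in a domain (constructed): group -> rights.
DOMAIN_POLICY = {
    "clerks": {"get", "set"},
    "auditors": {"get"},
    "managers": {"get", "set", "manage"},
}

def granted_rights(cred, policy=DOMAIN_POLICY):
    """Union of the rights granted to each group named in the credential."""
    rights = set()
    for group in cred.groups:
        rights |= policy.get(group, set())
    return rights

def access_allowed(cred, interface, operation):
    """ADF: yes/no from client attributes and server control attributes."""
    required = REQUIRED_RIGHTS.get((interface, operation))
    if required is None:   # unknown operation: deny by default
        return False
    return required <= granted_rights(cred)

def indistinguishable_operations(required=REQUIRED_RIGHTS):
    """Groups of operations the ADF cannot tell apart (identical rights)."""
    by_rights = {}
    for op, rights in required.items():
        by_rights.setdefault(frozenset(rights), []).append(op)
    return sorted(sorted(ops) for ops in by_rights.values() if len(ops) > 1)

if __name__ == "__main__":
    clerk = Credential("alice", frozenset({"clerks"}))
    for op in ("balance", "update_address", "approve_payment", "close"):
        print(op, access_allowed(clerk, "Account", op))
    print(indistinguishable_operations())
```

Any group allowed to update an address is also allowed to approve a payment here, because both operations map to the same right; telling them apart needs a check inside the component.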

16 Conclusion
Because CORBA Security has to be broad enough to be applicable in many different areas, but specific enough to be useful
–It will not be able to fit into all security situations
–But does allow for alternate means

17 Questions
Using predefined access rights, is there another (better) way?
–Managing many (1000s) of clients and servers
What are the problems of doing access control at component level?

