CSE300-2 Distributed Object Computing


2 CSE300-2 Distributed Object Computing

3 Semester Project Specification


5 Topic: Security for Distributed Resource Environments


7 Group Members:

8 Charles E. Phillips, Jr. (Chip)

9 Qi Jin (Qi)

10 Jae-guon Nam (Jae)

11 Zhenlin Qian (Jason)

12 Topic Overview.

13 Distributed resource environments have lagged in support of security, providing minimal functionality to control the availability of a resource’s services to clients. To address this deficiency, we have developed a model and two prototypes for integrating a role-based security model, authorization, authentication, and enforcement into a distributed resource environment. The prototypes have been implemented using Sun’s JINI technology, which promotes the construction and deployment of distributed applications. Currently, the prototypes run separately: one as a University Database System with simplified role-based security included, and the second as a stand-alone, reusable Security Client designed to be used as a general security resource. The goal for this semester is to improve on the previous prototypes by modifying code and implementing new security features based on our research. The overall goal, of course, is to provide an improved security model and prototype that will support role-based security in a distributed resource environment. These are our objectives:

14 Prototype our security model by merging the University Database functionality with the reusable Security Client to provide a fully functional role-based security to the University Database System as a proof of concept.

15 Implement the use of different database management systems within the environment.

16 Implement the prototype security environment using different computer platforms and operating systems.

17 Establish support of dual security clients running in the same distributed environment.

18 Explore Jini Leasing capabilities, revise the security client model, and implement a leasing enforcement mechanism that will enhance the security environment.

19 Use the Unified Modeling Language (UML) to examine our prototype and make improvements.

20 Examine related areas and develop a revised security model.

21 A Software Architecture for Role-Based Security

In a distributed resource environment, different resources (hardware or software) are treated in a fashion that allows all clients and resources to be seamlessly integrated. Clients can consult a Lookup Service to locate and execute “services” on “found” resources to carry out their tasks. However, these environments lack security support. When a resource registers its services with the Lookup Service, there is currently no way for the resource to dictate which service can be utilized by which client. The current solution for a resource to control access to its services is to change the program. This, of course, is not an optimum solution. We are interested in extending the security capabilities of a distributed resource environment to allow resources to selectively and dynamically control who can access their services (and invoke their methods), based on the role of the client. We will use the capabilities of the distributed resource environment to define dedicated resources that will authorize, authenticate, and enforce role-based security for the distributed application.

A Proposed Software Architecture

Security Client and Resource Interactions

Figure 3.3 contains a depiction of a Security Client and a General Resource (e.g., legacy, COTS, database, etc.). We will implement the University Database as a general resource. The Security Client contains the services from the three security resources that can be used to establish and enforce the security policy. These clients create/find clients; authorize roles to clients; and grant, revoke, and find the privileges that a role has against a resource, service, and/or method. The General Resource is required to register itself, its services, and their methods with the Role-Based Privileges Resource.

Client Interactions and Processing

To illustrate the process for a GUI Client accessing a Database Resource using the Lookup Service and the Security Registration, Authorization List, and Role-Based Privileges resources, we present the example in Figure 3.4, with flow via the numbered service invocations and returned results.
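
The grant, revoke and privilege-lookup operations described above, combined with a deny-by-default enforcement check at resource, service and method scope, as an added Java example (not the project's code and not the Jini API). The class, method, client, service and method names are hypothetical; the student and faculty roles follow the university prototype this page describes.

```java
import java.util.*;

// Added illustration: in-memory stand-ins for the Authorization List and
// Role-Based Privileges resources. All names are hypothetical; assumes no name contains '/'.
public class RoleBasedSecurityDemo {
    private final Map<String, Set<String>> authorizationList = new HashMap<>(); // client -> roles
    private final Map<String, Set<String>> privileges = new HashMap<>();        // role -> granted scopes
    private final Set<String> registered = new HashSet<>();                     // "resource/service/method"

    // A General Resource registers itself, its services and their methods.
    void register(String resource, String service, String method) {
        registered.add(resource + "/" + service + "/" + method);
    }
    void authorize(String client, String role) {
        authorizationList.computeIfAbsent(client, k -> new HashSet<>()).add(role);
    }
    // A scope is "resource", "resource/service" or "resource/service/method".
    void grant(String role, String scope) {
        privileges.computeIfAbsent(role, k -> new HashSet<>()).add(scope);
    }
    void revoke(String role, String scope) {
        privileges.getOrDefault(role, new HashSet<>()).remove(scope);
    }

    // Enforcement: deny unless the method is registered, the client is authorized
    // for the role it presents, and the role holds a grant covering the call.
    boolean isPermitted(String client, String role, String resource, String service, String method) {
        String svc = resource + "/" + service, full = svc + "/" + method;
        if (!registered.contains(full)) return false;
        if (!authorizationList.getOrDefault(client, Collections.emptySet()).contains(role)) return false;
        Set<String> scopes = privileges.getOrDefault(role, Collections.emptySet());
        return scopes.contains(resource) || scopes.contains(svc) || scopes.contains(full);
    }

    public static void main(String[] args) {
        RoleBasedSecurityDemo sec = new RoleBasedSecurityDemo();
        sec.register("UniversityDB", "CourseService", "queryCourses");
        sec.register("UniversityDB", "CourseService", "enroll");
        sec.register("UniversityDB", "ScheduleService", "modifySchedule");
        sec.authorize("alice", "student");
        sec.authorize("bob", "faculty");
        sec.grant("student", "UniversityDB/CourseService/enroll"); // method-level grant
        sec.grant("faculty", "UniversityDB/ScheduleService");      // service-level grant
        System.out.println(sec.isPermitted("alice", "student", "UniversityDB", "CourseService", "enroll"));
        System.out.println(sec.isPermitted("alice", "student", "UniversityDB", "ScheduleService", "modifySchedule"));
        System.out.println(sec.isPermitted("alice", "faculty", "UniversityDB", "ScheduleService", "modifySchedule"));
        System.out.println(sec.isPermitted("bob", "faculty", "UniversityDB", "ScheduleService", "modifySchedule"));
        sec.revoke("faculty", "UniversityDB/ScheduleService");     // takes effect without changing the resource
        System.out.println(sec.isPermitted("bob", "faculty", "UniversityDB", "ScheduleService", "modifySchedule"));
    }
}
```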

22 Experimental Prototypes

23 The latest prototypes are implemented on Windows NT 4.0, using Java and JINI. We have implemented two prototypes to date, described in the next two sections. The first prototype employs a university application in which we implemented a subset of our security architecture. Students can query course information and enroll in classes, and faculty can query and modify the class schedule. The second prototype is the Security Client.

Baseline Prototype

The Security Client Prototype

24 Qi will take on the following objectives: Implement the use of different database management systems within the environment; Implement the prototype security environment using different computer platforms and operating systems; and Establish support of dual security clients running in the same distributed environment.

25 Jae will take on the following objectives: Merge the existing prototypes and use the Unified Modeling Language (UML) to examine our prototype and make improvements.

26 Related Work: Mobile Agent Security in a Distributed Resource Environment

27 And Jason will explore Jini’s Leasing capabilities, help revise the security client model, and implement a leasing enforcement mechanism that will enhance the security environment.

28 Related Work: Security Models for Distributed Resource Environments

29 Planned Activities

30 Weekly meetings on Tuesday to discuss progress and address coordination issues.

31 Bi-weekly summary of activities to ease demand for midterm report and final project.

32 Midterm Report. 25 October.

33 Project Completed 7 December.

34 Final Briefing 9 December.

35 Flow of Work

36 Chip will be at a two-week Network Security Course in Italy and will hopefully return with some new insights. The group, as a whole, has been given access to the existing source code for near-term review and familiarization. Individually, group members will need a couple of weeks to familiarize themselves with their work objectives and find references that can support both their objective work and related work topics. Our group meetings will commence on Tuesday 3 October.
