Security in CORBA, .NET and J2EEMotivationOverviewSecurity in CORBA, .NET, and J2EECORBA Security CapabilitiesCORBA Security CapabilitiesSlide 7The CORBA Security ModelThe CORBA Security ModelAccess Control in CORBAAccess Control in CORBASlide 12Slide 13Slide 14Slide 15CORBA Security User ViewsCORBA Security ViewsCORBA Security Execution ModelSecurity Binding in CORBADomain Objects in CORBAMicrosoft’s .NETSecurity in .NET/Java.NET Security Capabilities.NET Security Execution ModelSlide 25C# vs. Java - Differences/SimilaritiesSlide 27Slide 28Slide 29.NET Code-Based Access Control.NET CBAC Evidence Based Security.NET CBAC Permissions.NET CBAC Security Policies (SPs).NET CBAC Security Policies.NET Role-Based Access Control.NET Secure Code Verification/Execution.NET Secure Communication.NET Secure Code and Data ProtectionJ2EE Security CapabilitiesSlide 40J2EE Code-Based Access ControlJ2EE CBAC: The Security ManagerJ2EE CBAC PermissionsJ2EE Role-Based Access ControlJ2EE Secure Code Verification/ExecutionSlide 46J2EE Secure CommunicationJ2EE Secure Code and Data ProtectionJava CBAC vs. .NET CBACJ2EE RBAC vs. .NET RBACCode Verification/ExecutionConcluding RemarksSECMW-1CSE333Keith Bessette and Prof. Steven A. Demurjian Computer Science & Engineering Department271 Fairfield Road, Box U-2155The University of ConnecticutStorrs, Connecticut 06269-2155http://www.engr.uconn.edu/[email protected] in CORBA, .NET and J2EESecurity in CORBA, .NET and J2EESECMW-2CSE333MotivationMotivationDistributed Computing Applications are Constructed Distributed Computing Applications are Constructed From Legacy, COTS, Database, and Client/Server From Legacy, COTS, Database, and Client/Server Applications Applications Solutions Facilitate the Interoperation of Applications Solutions Facilitate the Interoperation of Applications in a Network Centric Environment in a Network Centric Environment CORBA, DCOM/OLE, J2EE/EJB, JINI, and .NET CORBA, DCOM/OLE, J2EE/EJB, JINI, and .NET have Enabled the Parallel and Distributed Processing have Enabled the Parallel and Distributed Processing of Large, Computation-intensive Applications of Large, Computation-intensive Applications Security has Historically Often Been an AfterthoughtSecurity has Historically Often Been an AfterthoughtDramatic Turnaround in Support of Security within Dramatic Turnaround in Support of Security within these Modern Middleware Platforms these Modern Middleware PlatformsSECMW-3CSE333OverviewOverviewFocus on the Attainment of Security withinFocus on the Attainment of Security withinCORBA.NETJ2EERepresent Three Dominant Middlware PlatformsRepresent Three Dominant Middlware PlatformsEmphasis on Exploring the RBAC/MAC Capabilities Emphasis on Exploring the RBAC/MAC Capabilities of Eachof EachWhat Can Each Offer in Support of Security?How do the Different Technologies Compare?Later - Focus on Using Middlware (e.g., CORBA, Later - Focus on Using Middlware (e.g., CORBA, JINI) to Attain MAC/RBAC for Distributed SettingJINI) to Attain MAC/RBAC for Distributed SettingSECMW-4CSE333Security in CORBA, .NET, and J2EESecurity in CORBA, .NET, and J2EEThe CORBA Security Specification is a Meta-model,The CORBA Security Specification is a Meta-model,Similar in Concept to the UML Meta-model with Implementations (e.g., Together, Rational, etc.)Offers Wide Variety of Security Capabilities at the Model Level - RBAC, MAC, Encryption, Etc.Language Independent (Not Tied to Java, C++, .NET, Etc.) In Contrast, .NET and J2EE are Commercial ProductsIn Contrast, .NET and J2EE are Commercial ProductsCharacterizable as Implementations or Instances of the CORBA Security Meta-model Transition Concepts into Platform Specific ImplementationsSECMW-5CSE333CORBA Security Capabilities CORBA Security Capabilities The CORBA Security Service Specification Focuses The CORBA Security Service Specification Focuses on Four Keys Aspects of Security on Four Keys Aspects of Security Confidentiality: Confidentiality: Concerned with Access to InformationLimit Access to Those Individuals (Programs) That Have Been Given Explicit PermissionIntegrity: Integrity: Only Authorized Users are Allowed to Modify Information Delegation of this Authorization Between Users is Tightly ControlledSECMW-6CSE333CORBA Security CapabilitiesCORBA Security CapabilitiesAccountability: Accountability: Users Must be Responsible for All of their ActionsSecurity Mechanisms Must be able to Monitor and Track the Accountability Availability: Availability: If Users have Been Appropriately Authorized, then their Authorizations Require the System's AvailabilitySECMW-7CSE333CORBA Security CapabilitiesCORBA Security CapabilitiesCollectively, These Four Features Underlie the Collectively, These Four Features Underlie the Security Offered in the Meta Model forSecurity Offered in the Meta Model forIdentification and Authentication of UsersAuthorization and Access Control of Users to ObjectsSecurity Auditing for AccountabilitySecurity of Communication Between Users and ObjectsNon-repudiation to Provide Proof of Access between Client and Target ObjectAdministration of All of the Security RequirementsSECMW-8CSE333The CORBA Security Model The CORBA Security Model The Structural Model of CORBA is Comprised of The Structural Model of CORBA is Comprised of Different Levels used to Facilitate Secure Object Different Levels used to Facilitate Secure Object Invocation by Clients Invocation by Clients Application Components: Client Request Services and Application Components: Client Request Services and a Target Object Providing Servicesa Target Object Providing ServicesORB Security Services: ORB Security Services: Access Control Service - If the Operation Being Requested is Permitted Secure Invocation Service - Protect the Target Object in its Interactions With the Client Implementation of Security Services: Implementation of Security Services: Available in actual CORBA ImplementationsPlatform Specific, must Interact with Security supported by OS and HardwareSECMW-9CSE333The CORBA Security ModelThe CORBA Security ModelSECMW-10CSE333Access Control in CORBA Access Control in CORBA Must Verify the Characteristics of a Subject's Must Verify the Characteristics of a Subject's Permissions (via Permissions (via Privilege AttributesPrivilege Attributes) Against the ) Against the Target
View Full Document