- Home
- Abstracts
- Toacy Oliveira
- Dietrich Birngruber
- Md Abdul Muqsit khan
- Rainer Ruggaber
- Elke Pulvermueller
- Zoltán Porkoláb
- Asmus Pandikow
- Steven Fonseca
- Abdlulrahman Al-Khudair
- Ousmane Sy
- Dan Suciu
- JOSE LUIS HERRERO
- Fernanda Baiao
- Alexandre Sztajnberg
- li yawei
- RAMARAJU MANAVALAN
- stuart marshall
- Widayashanti Sardjono
- yuming zhou
- Guido Roessling
- Guray YILMAZ
- Rajini Kanth Naidu
- Hermes Senger
- Johan Larsson
- Alexander Fronk
- Harald Stöttner
- Gilles Ardourel
- Hung LEDANG
- Attila Ulbert
- Roland Neumann
- Panitiq Netinant
- Michael Haupt
- Ezzeddin HATTAB
- priti bala
- Elzbieta Pustulka-Hunt
- Cyril Ray
- Yann-Gaël Guéhéneuc
- Péter Csontos
- Pierre Crescenzo
- Adeline Capouillez
- Mats Skoglund
- Dipankar Chakrabarti
- Pascal Costanza
- Krzysztof Kaczmarski
- Hardeep Singh
- Johannes Martin
- Arockiam L arockiam
- Raees Khan
- Baumann Bernard
- Serge Kovalev
- Arnulf Braatz
- Jun Pang
- Beum-Seuk Lee
- Sérgio Soares
- Eric Tanter
- Xinyu Dai
- Nicodemos Damianou
- Hans Reiser
- Olivier Nano
- Tracy Lewis
- Fei Cao
- Sergio Luján-Mora
- Francisco Silva
- Manuel Roman
- Brian Shand
- Pedro José ClementeMartín
- Peter Pietzuch
- Charles Suscheck
- Omar Sallabi
- Eli Tilevich
- wei zhao
- KOTRAPPA SIRBI
- Qin Ma
- Hector G. Perez-Gonzalez
- Phung Nguyen
- Ulrich Lang
- jiangixong Pang
- N.Sambasivarao Nandam
- Philippe Chevalley
- waralak vongdoiwang
- Wasif Gilani
- Atul Kumar
- Abdelsalam Shanneb
- Raees Khan
- Han Zhongming
- Mohamed El Wakil
- Amine Med ROUANE-HACENE
- Olabode Samuel Akinsola
- Robert Cloutier
- Yunming WANG
- Hoang Truong
- MIHIR MIHIR
- Romain Rouvoy
- Aine Mitchell
- suresh babu kare
- Mohammed Jaber
- Krishnan Gowthaman
- Greg Turner
- Naouel Moha
- Angela Lozano Rodriguez
- Joining
- Links
- Subscription
- Workshops
Supported by AITO.
These pages are currently maintained by Alex Potanin
Access Policies for Middleware
Ulrich Lang
( German )
William Gates Building J J Thomson Avenue Cambridge CB6 0DF
tel: n/a
fax: n/a
ulrich.lang@cl.cam.ac.uk
Keywords:
distribution security middleware access control
Abstract:
This dissertation examines how the architectural layering of middleware constrains the design of a middleware security architecture, and analyses the complications that arise from that. First, we define a precise notion of middleware that includes its architecture and features. Our definition is based on the Common Object Request Broker Architecture (CORBA), which is used throughout this dissertation both as a reference technology and as a basis for a proof of concept implementation. In several steps, we construct a security model that fits to the described middleware architecture. The model facilitates conceptual reasoning about security. The results of our analysis indicate that the cryptographic identities available on the lower layers of the security model are only of limited use for expressing fine-grained security policies, because they are separated from the application layer entities by the middleware layer. To express individual application layer entities in access policies, additional more fine-grained descriptors are required. To solve this problem for the target side (i.e., the receiving side of an invocation), we propose an improved middleware security model that supports individual access policies on a per-target basis. The model is based on so-called `resource descriptors'', which are used in addition to cryptographic identities to describe application layer entities in access policies. To be useful, descriptors need to fulfil a number of properties, such as local uniqueness and persistency. Next, we examine the information available at the middleware layer for its usefulness as resource descriptors, in particular the interface name and the instance information inside the object reference. Unfortunately neither fulfils all required properties. However, it is possible to obtain resource descriptors on the target side through a mapping process that links target instance information to an externally provided descriptor. We describe both the mapping configuration when the target is instantiated and the mapping process at invocation time. A proof of concept implementation, which contains a number of technical improvements over earlier attempts to solve this problem, shows that this approach is useable in practice, even for complex architectures, such as CORBA and CORBASec (the security services specified for CORBA).
HTML3
JAVA
Last modified on Mon Aug 15 14:59:24 2005