
Using an Object Request Broker (ORB) gives you the ability to distribute objects across process and machine boundaries. The Object Management Group, Inc. (OMG) has specified a set of standards known under the umbrella title of the Common Object Request Broker Architecture (CORBA). The CORBA specification also contains an object security model and standard security protocols. Implementations of this standard middleware can secure your distributed applications from threats both inside and outside.
Application Programming Interfaces (APIs) allow applications to be aware of the security functionality provided by the ORB through standard CORBA ORB interfaces. This approach allows the application to control the security aspects of the ORB.
Examples of controlling security are:
Security in general is complex and hard to reason about, and security APIs are complex and hard to use. A simple "hello world" example can turn into many pages of code for an application programmer to produce. You just have to look at the many demonstration and test examples in the ORBAsec SL3 product for yourself!
Adiron's ORBAsec SL3 product has the Security Level 3 API, which is an interface for manipulating and reviewing security characteristics of CORBA requests through the CORBA standard ORB interfaces. The Security Level 3 API is modeled after a formal language that is used to reason about principals and the cryptographic proofs of signatures in order to support access and audit decisions.
Getting the security functionality correct for a distributed system can be an insurmountable task for application programmers. Having a formal logic to help the programmer or systems analyst understand the security characteristics of their application can be a boon to the development process.
The base data structures of the Security Level 3 interface are modeled after the Principal Calculus, which is illustrated and developed in the paper by Abadi, Lampson, et al., Authentication in Distributed Systems: Theory and Practice.
Copyright 2004 Adiron. All Rights Reserved.
"ORBAsec", "AdironORB", and "SL3" are trademarks of Adiron, LLC.
"Java" is a trademark of Sun Microsystems, Inc. "CORBA" is a trademark of the Object Management Group.
Other names, products and services may be the trademarks or registered trademarks of their respective holders.