See an introduction to Security in Distributed Systems.
ORBAsec SL3 implements the new Common Secure Interoperability Version 2 (CSIv2) protocol, which was adopted by the OMG at the end of 2000.
The CSIv2 protocol for CORBA security was developed by many important vendors, such as Sun Microsystems, IBM, and Compaq, as well as Adiron. The players have key market interests in this area, so it has a better chance of just Adiron implementing it.
CSIv2 is merely a CORBA protocol and not an API. ORBAsec SL3 is quite different than our older discontinued product, ORBAsec SL2, in that it departs from the CORBA SecurityLevel2 API. ORBAsec SL3 gives a brand new API to Distributed Security, which much more dependable and robust. It is based on a mathematical model of principals. You can read about The Principal Calculus in the following paper my Abadi, Lampson, et al., Authentication in Distributed Systems: Theory and Practice.
A security system that is based on mathematical foundations is a system that can be reasoned about. And when you are reasoning about security, you should have a good mathematical foundation to stand on, instead of ad-hoc arguments.
ORBAsec SL3 is implemented over TLS (which used be called SSL) and GSS-Kerberos for authentication and encryption.
ORBAsec SL3 also supports the GSS-Kerberos User-to-User protocol, which allows one to set up Kerberos enabled server objects by merely using login credentials, (i.e. those from the "kinit" program).
ORBAsec SL3 is also built on for AdironORB, but will also work with of ORBacus for Java from IONA.
Please subscribe to our sl3-users
mailing list.
Copyright 2004 Adiron. All Rights Reserved.
"ORBAsec", "AdironORB", and "SL3" are trademarks of
Adiron, LLC.
"Java" is a trademark of Sun Microsystems, Inc. "CORBA"
is
a trademark of the Object Management Group.
Other names, products and services may be the
trademarks or
registered trademarks of their respective holders.