1 / 27

Some Research and Development Opportunities for the DCE Community

Some Research and Development Opportunities for the DCE Community . Paul Dale p.dale@opengroup.org. Introduction. The Open Group has a technology delivery capability - a unique attribute of the consortium There are technology opportunities now - which can add value to a DCE environment

finley
Télécharger la présentation

Some Research and Development Opportunities for the DCE Community

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Some Research and Development Opportunities for the DCE Community Paul Dale p.dale@opengroup.org

  2. Introduction The Open Group has a technology delivery capability - a unique attribute of the consortium There are technology opportunities now - which can add value to a DCE environment The Research & Development Division has the technical skills to carry out value-added projects and proposals • We would like to hear from you

  3. Topics JADE I and JADE II Java-Kerberos ADAGE Strategic Consulting

  4. Java and DCE (JADE) COTS Browsers F I R E W A L L Web Servers DCESServers

  5. JADE Benefits • Allows DCE clients to be written in Java • Allows deployment of DCE clients on demand as Java applets in conjunction with a JADE client (now) and with no pre-installed software (JADE II) • Brings full DCE-based client-server security to Java applications - a secure extension to the applet environment • No restrictions - an applet can talk to any DCE server • Allows DCE clients to easily include graphics and multi-media via use of Java display widgets • Introduces a minimal object model

  6. JADE I Final Release Feb ‘98 • Stand-alone Java applications • Signed Java applets (with JADE libraries pre-installed) • Interoperates with existing DCE server apps • Supports Java access to all major DCE services • Secure RPC, CDS Directory, Security, Time • Supports a wide range of DCE IDL datatypes • scalars, strings, pointers, arrays, pipes, context handles, unions • Runs on top of existing DCE client libs

  7. JADE I binary distribution is now available on CD-ROM • Contents • JADE IDL compiler (DCE 1.2.2 IDL compatible) • Class Libraries, Interface Files, and Sample Application Source • 3.7 MB of JavaDoc API documentation and IDL Mapping Specs • Comprehensive test suite (14 categories of tests) • JDK 1.1 compatible • Footprint • 1.1 MB for class libs and DLLs (not including DCE client libs)

  8. JADE II Now in progress • Pure Java Implementation of DCE client • Stub and API compatible with JADE I • DCE RPC Security through Java-Kerberos • NSI Directory support via LDAP • Beans support through JADE IDL Compiler • Client-side async RPCs (a.k.a “futures”) • SSL transport for JADE II and DCE ref. port • Demo applet available athttp://drdoom.camb.opengroup.org:8001/

  9. Java-Kerberos • Pure Java implementation of Kerberos 5 • Alpha version currently interoperates with • MIT Kerberos 5 • DCE • Cygnus Kerbnet • Also includes Kerberos 4 implementation • Includes MIT, Andrew, and AFS compatibility • Downloadable as an applet or library

  10. Java-Kerberos • Supports both Kerberos authentication and message protection • Currently provides 56-bit DES encryption • Can be extended to other Kerberos e-types • Will include kinit/klist/kdestroy applets • Will support multiple cache mechanisms • Pure Java based cache (shared between multiple VMs) • Native method based cache (to platform’s existing ticket file, e.g., disk or memory based) • Cache interface for adding new cache implementations

  11. Java-Kerberos in Use • Current alpha users • NASA/JPL for message protection of Mars Pathfinder, Galileo, and Cassini mission data transmissions • Los Alamos National Laboratory for Global Warfare Information System • Cornell University for authentication of CORBA-based student information applications • Java-Kerberos Demo Applet available at • http://www.camb.opengroup.org/RI/www/jkrb/

  12. Java-Kerberos in the future • Possible future enhancements • Support for Pure Java GSS-API layer • 40-bit DES version • Triple DES version • PKINIT (use of public-key certificates for initial Kerberos authentication) • Alternative crypto packages (e.g. JSAFE) • Kerberized RMI implementation

  13. Engine Authorization Database Authorization for Distributed Applications and Groups (ADAGE) Distributed Security Services Distributed Applications Application Server (e.g. Web server Application Client (e.g. WebBrowser) Identity and Attribute Servers Adage API Adage Tools Adage Services Visual Policy Builder Authorization Decision Engine Adage API Authorization Language Interpreter User Authorization Database Adage

  14. Adage Benefit - High Level Authorization Policies • Policies may be complex, rich, and dynamic, based on roles, business processes, legal constraints, time constraints, etc. • Adage has rich support for groups, sets, roles, rules, relations and constraints • By contrast “ACLs are the assembly language of authorization” • Implementing policies may require many low-level operations so that it is practically impossible to assure that policies are correctly implemented and maintained - ACL’s for 100,000 employees and 1,000,000 objects? • Examples where ACL’s don’t help • “Access to the internet is only allowed between 7pm and 9pm” • “The creation and approval of a given purchase order must be done by two different people, though the same person may both create and approve different purchase orders.”

  15. Adage Benefit - User Centered Security • Secure systems with usability as primary goal • Simplify authorization policy administration • Visual tools - Visual Policy Builder GUI • High-level authorization language (AL) • Ease of use promotes better security

  16. Adage Benefit - Consistent global policies, Distributed trust • Adage supports trust models for enterprise-wide policies • Available to all applications on all sites • Authorization toolkit support for application developers • Register application-specific authorization policy with Adage • Request authorization decisions • Trust model between sites • Authorization decisions based on trustworthiness of authentication authorities • Citizenship metric - how trusted is an authentication authority? • Introduction chain metrics - Length, Number of chains, Age of chains, Quality of chains

  17. ADAGE was developed with DCE in mind • Adage is architected to not only take identities from a DCE cell, but to take DCE group and other information into account in its policies and rules. • Adage second snapshot now available (4/30/98).

  18. Adage and DCE Possibilities • More Flexible Policies • Adage can easily replace the ACL manager to provide more flexible policies • Better Management • A GUI (Visual Policy Builder) and Authorization Language • Centralized authorization policy control and management • All applications use the same authorization policy • Authorization information only needs to be changed in one place

  19. Adage and DCE Possibilities • Better Authorization in the Global Environment • Adage's trust model would allow sites to form organizational policy about external authentication servers in a more flexible fashion • DCE only supports hierarchical authentication servers arranged via a namespace • General Security Policy Server • Integrate authentication and encryption policy into Adage • Restrict access to objects based on authentication type or strength, or on whether the channel was encrypted or local (within the firewall).

  20. Infrastructure Investment Analysis (IIA) The Open Group continues to offer technology-based consulting, especially in DCE Over the last year, a new strategic consulting capability has been developed • A formal, quantitative methodology for understanding the risks / rewards of IT infrastructure plans and alternatives

  21. Motivation • Managing the cost-reward and risk-reward of IT infrastructure is increasingly a significant obligation of IT departments • Everyone talks about the cost and business requirements of IT solutions; nobody knows how to measure these • Few tools are available to assist IT departments through the decision making process in the expanding network-based, global IT environment • Yet competency in many businesses requires risk/reward models, e.g. banks have models of acceptable risks in originating loans

  22. What is Infrastructure Investment Analysis (IIA)? • A mathematical modeling capability • The skills and techniques required to model IT problems • The Open Group’s methodology is to • Review and generate business and technical requirements • Perform a technical analysis and initial risk modeling • Model risk-mitigating technical solution(s) • Build a decision-theoretic "roadmap" for realization of solution(s)

  23. Value of Risk Modeling • A common reaction: Models are too abstract - not real world • In reality, modeling • Allows representation of hypothetical system • Allows simplification of complex IT infrastructure • Aids communication and agreement on goals, terms, methods • Emphasizes discovery and clarification of assumptions • Generates evidence about system under given assumptions • Shifts debate from challenging evidence to challenging assumptions • Modeling approaches do not exist today for IT; we have taken the lead in defining a new methodology for industry

  24. An Example - BITS • The Banking Industry Technology Secretariat (BITS) is engaged in a Global Security Architecture project • As part of this we have modeled the risks and cost-effectiveness of a single root CA as opposed to multiple root CAs • Thought provoking (but private) results • Now modeling the cost of several alternatives for security technologies for e-commerce

  25. Many kinds of risks • In the financial services sector, end-to-end risks include • Transaction risks (fraud, theft, timeliness) • Strategic risks (infrastructure, interoperability, cost-effectiveness) • Reputation risks (loss of privacy or other trust) • Regulatory compliance (existing or new)

  26. An strategic consulting invitation • To work with a vendor neutral organization • To use a formal, quantitative, rather than opinion-based, approach to decision making • To understand trade-offs and alternatives • To justify decisions • To manage IT risks, costs and rewards • On specific IT planning challenges, such as DCE applications

  27. Creating Value for the DCE Community • New technology (e.g. JADE, ADAGE) • DCE Consulting • Strategic Consulting • Flexible working arrangements with buyers and suppliers How can we help improve your IT environment?

More Related