1 / 32

Outline

Java Enterprise Multilevel Access “JEEMA” Web Portal In partial fulfillment of the requirements for a Masters of Science Computer Science Presented by Patrick D. Cook for Dr. Edward Chow Dr. Charlie Shub Dr. Jugal Kalita. Outline. Project goals Background JEEMA Performance Reliability

lucas-barnett
Télécharger la présentation

Outline

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Java Enterprise Multilevel Access“JEEMA” Web PortalIn partial fulfillment of the requirements for a Masters of Science Computer SciencePresented by Patrick D. CookforDr. Edward Chow Dr. Charlie ShubDr. Jugal Kalita

  2. Outline • Project goals • Background • JEEMA • Performance • Reliability • Challenges • Lessons Learned • Conclusion • Demo JEEMA

  3. Project Goals • Can a single sign-on realize multilevel security? • Investigate Portlet Technology, in particular Java Specification Request (JSR)168, to determine if it would facilitate sharing data, at different security levels • Avert the information flow problem, i.e. use a single sign on to access to multiple levels of classified resources, without compromising the multilevel security policy. JEEMA

  4. Background Related work, Rationale, Design decisions

  5. Related Work • Portals, Portlets and IPC • Michelle Osborne (2006) • Rebecca Twigg (2006) • Single Sign-on • Yale University • UCCS JEEMA

  6. Rationale and Relevance • The events on September 11, 2001 which spawned the 9/11 commissions report • Hurricane Katrina and Rita in 2005 • Personal experiences • Military United States Army Battle Staff • Lockheed Martin Integrated Systems and Solutions • Raytheon Intelligence and Information Systems JEEMA

  7. J2EE vs. .NET • When it comes to building distributed web applications which can interoperate seamlessly between components in platform-neutral way there are two leading technologies competing for your vote, J2EE and .NET (pronounce “dot NET”). JEEMA

  8. .NET • .NET is a Microsoft centric approach that runs on Windows platforms but does not fully comply with other operating systems. • .NET is still in its infancy with respect to Java and has not reached its “tipping” point with many vendors. JEEMA

  9. J2EE • J2EE is a platform-independent solution that uses the Java programming language and provides support for major operating systems • J2EE is widely supported amongst major vendors • W.O.R.M • Write once run many times JEEMA

  10. J2EE Application Servers • BEA WebLogic • IBM Websphere • SunOne Portal Server • JBOSS JEEMA

  11. Java Portals • A Java portal is a J2EE conformant technology which aggregates resources from disparate systems into a common operating environment over the web. It generally allows individualized customization, facilitates single sign-on authentication and is designed to run on multiple platforms [JSR168]. JEEMA

  12. Portlets • Portlets are web components that generate dynamic content in an autonomous fashion. The autonomy is generated by markup fragments such as HTML, XHTML, or XML, but the aggregation of the fragments are managed by a portlet container. JEEMA

  13. Portlet Container • In general, a container is software that provides “out of the box” services which developers can leverage for initialization, creation, and deletion, as well as, resource and dependency management [JBOSSP]. JEEMA

  14. JSR 168 • Java Specification Request 168, originally released in October 2003, provides the blueprint for developing portal components. • Portlet Application Program Interface (API) • Portlet • PortletConfig • GenericPortlet JEEMA

  15. JEEMA Java Enterprise Edition Multilevel Access Web Portal

  16. What is JEEMA? • JEEMA, Java Enterprise Edition Multilevel Access, is an acronym for a Java 2 Enterprise Edition (J2EE) compliant web portal that champions portlet technology to facilitate single sign-on authentication to access resources with multiple security levels • JEEMA is based on the Java 2 Platform, Standard Edition, which adheres to the Java programming language and libraries JEEMA

  17. JEEMA

  18. JEEMA Test bed Specifications • Dell Optiplex GX620 • Intel (R) • Pentium (R) • CPU 3.20GHz, 3.19 GHz, • 3.50 GB of RAM • Physical Address Extension JEEMA

  19. System Specifications • Microsoft Windows XP • Professional Version 2002 • Service Pack 2 • Internet Explorer 6.0.2900.2180.xpsp.050622-1524 • BEA WebLogic Workshop • Version 8.1.5 • Build 2005.0921.20042 JEEMA

  20. JEEMA implementation of SSO • WebLogic Portal Administration • http://128.198.61.179:7001/portalAppAdmin/ JEEMA

  21. JEEMA implementation of IPC • Java Messaging Service API’s • Uses the “listenTo” attribute in establishing interportlet communications. • Whenever a portlet is added to a portal, it creates an “instance” this instance has an instance label which other portlets listen to JEEMA

  22. Client Request JEEMA

  23. JSP <body> <netui:form action="getMessage"> <netui:textBox dataSource="text"/> <netui:button>Submit</netui:button> </netui:form> </body> JEEMA

  24. TopSecretController.jpf /** * @jpf:action * @jpf:forward name="simpleForm“ path="topSecret.jsp" */ protected Forward getMessage( Form form ) { try { publisher.writeMessage(message); } catch(Exception e) { e.printStackTrace(); } return new Forward( "simpleForm" ); } JEEMA

  25. JMS private InitialContext jndi = null; private String TOPIC = "jmsTopic"; private String JNDI_CONNECTION_FACTORY = "weblogic.jndi.WLInitialContextFactory"; private String JMS_CONNECTION_FACTORY = "weblogic.jms.ConnectionFactory "; private String APPLICATION_PROVIDER_URL = "t3://localhost:7001"; JEEMA

  26. Performance • The portlets contained same content but was double for each iterations (i.e. 4 portlets, 8 portlets, 16 portlets…, 64 portlets). JEEMA

  27. JEEMA Reliability • The reliability of the system, R (m), is measured in terms of its ability to deliver reliable messages to its recipients as portlets increase within a web portal. • This can be defined mathematically as R(m) = p/ m, where p is equal to the number of reliable messages and m is the total number of messages. JEEMA

  28. Lessons Learned • The challenges related to remote development (“The virtual team”) • Black Box Coding • Implementing JMS on SunOne and JBoss • JNDI • “Asynchronous” Communication JEEMA

  29. Future Work • Integration with WSRP 2.0 • Use XACML Decision Points • Asynchronous Java and XML (AJAX) methodologies JEEMA

  30. Conclusion • A single sign – on can realize multilevel security • The technology is not mature enough in its current form for an enterprise solution that used for National Security • It does provides a stepping stone toward upward mobility in MLS solutions JEEMA

  31. Questions JEEMA

  32. Backup • Control Tree • JMS Configuration JEEMA

More Related