Sciweavers

ACSAC
2001
IEEE

Verifiable Identifiers in Middleware Security

14 years 3 months ago
Verifiable Identifiers in Middleware Security
fies a number of issues related to security information r semantics on different layers of abstraction. In particular it is difficult to express caller and target accurately in the middleware security policy with the information available on the middleware layer. The problems discussed in this paper were encountered during the development of MICOSec [7], our CORBA Security Services implementation for the MICO ORB [3]. This section briefly reviews CORBA security and the terminology used. Section 2 describes the different f abstraction in a secure CORBA environment and identifies the boundaries of the middleware (ORB) layer. Section 3 evaluates the usefulness of a range of potential ways of describing the main ORB layer components: caller, message, and target. In section 4, our MICOSec CORBA Security implementation is presented. Finally, section 5 summarizes the observations of this paper, and a conclusion is given in section 6. Note that, although CORBA was chosen as an example for midd...
Ulrich Lang, Dieter Gollmann, Rudolf Schreiner
Added 23 Aug 2010
Updated 23 Aug 2010
Type Conference
Year 2001
Where ACSAC
Authors Ulrich Lang, Dieter Gollmann, Rudolf Schreiner
Comments (0)