[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Security extension: first announcement + RFC
Wolfgang Kleinertz wrote:
>
> Hello!
>
> Two weeks ago Marcel, Konrad and I met to exchange our views regarding
> the topic: xmlBlaster and security.
>
> Meanwhile I was preoccupied with this first draft.
>
> The major goal of this project is to provide a mechanism to be able to
> write and use plugins. The purpose of such a plugin is to satisfy the
> requested security level.
> This way, it should be possible to add real authentication and
> authorisation (e.g. using kerberos or a2blaster), to make use of digital
> signatures or encrypt the data on a per message level. Adapters to
> different apis like Suns JAAS, JCE, etc. or GSS are also conceivable.
>
> Interfaces:
> 1. I_Subject
> subject related information and actions (e.g. public key)
>
> + String init(String qos);
> + boolean isAuthorized(String key);
>
> 2. I_UsrSessionSecurityContext
> contains session related things like a kerberos "Service Ticket"
>
> + String init(String qos);
> + I_Subject getSubject();
> + boolean isValid();
>
> 3. I_SecurityManager
> servs as factory for the objects behind these interfaces
>
> + I_SecurityManager getInstance(); // singleton
> + I_UsrSessionSecurityContext creatUsrSessionContext();
> + I_Message createMessage();
> + I_Subject createSubject();
>
> 4. I_Message
> used to sign and encrypt messages
>
> + void setTarget(I_UsrSessionSecurityContext s);
> + I_UsrSessionSecurityContext getTarget();
> + void setSource(I_UsrSessionSecurityContext s);
> + I_UsrSessionSecurityContext getSource();
> + void setContent(String xmlMsg);
> + String getContent();
> + void setQoS(String xmlQoS);
> + String getQoS();
> + void seal(); // i.e. sign + encrypt
> + void unseal();
> + boolean isSealed(); // is the message sealed?
> + boolean isTrustworth(); // was it sealed while transmission?
> + boolean isValid; // is the signature correct?
>
> To reduce the necessary changes, it's recommended to introduce helper
> classes. Example for the message flow and the intention of such a
> helper:
>
> net protocol helper xmlBlaster
> handler (blackbox)
> .------- ------ ---------.
> | key | | | | |
> | / / / / |
> ---> | | | -> | | |
> <--- | \ \ \ \ |
> | QoS | | | | |
> | / / / / |
> | | | <- | | |
> | \ \ \ \ |
> | msg | | | | |
> `------- ------ ---------ï
> ^ | .--------.
> | `->| I_Msg. |
> `-----| |<--- (I_UsrSessionSecurityContext)
> `--------ï ^
> |
> (I_Subject)
>
> ---
>
> Additional facts:
> + the old I_Authenticate interface etc. is deprecated
> + changes in the external (client) interfaces are not necessary, except:
> login( ... ): deprecated
> qos init(String qos): replaces login
> wrappers are recommended for compatibility
>
> + all security features are optional xmlBlaster extensions
> + clients need extensions, too
>
> + plugins are bound via xmlBlaster.properties
> ---
>
> Next steps:
>
> + design, discussion, prototyping
> + implementation + implementation of a dummy plugin
> + implementation of a plugin to integrate the a2Blaster
> authentication and authorisation system (www.a2blaster.org)
>
> Okay, that's all for the first time. Further information will follow.
>
> Cheers,
> Wolfgang Kleinertz
>
> PS: Comments are welcome!!!
Hi Wolfgang,
thanks for your proposal.
Some points i did not understand or i am concerned with:
- Which interfaces are on the client side, and which
are on the server side
- Language neutral setup (what about a Python or a C++ client)
How would xmlBlaster.idl look like after the changes?
- Extensible (generic interfaces) to allow future
extensions without braking the contract of older
clients with xmlBlaster
- Simple approach (as simple as possible - but not simpler)
Can you provide a code snippet how a client would
access xmlBlaster with a simple login name/password approach
and as another example using public/private keys?
cu,
Marcel
--
Marcel Ruff
mailto:ruff at swand.lake.de
http://www.lake.de/home/lake/swand/
http://www.xmlBlaster.org