Q: Security management in Client/Server environments (especially CORBA)

Q: Security management in Client/Server environments (especially CORBA)
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 General Computer Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Q: Security management in Client/Server environments (especially CORBA) Generic Usenet Account 05-16-2005
Posted by Generic Usenet Account on May 16, 2005, 4:01 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Security Management plays a vital part in any distributed environment.
Services are provided only after the client has been properly
authenticated. After successful authentication, subsequent service
requests contain a certain "handle" that enable the server to trace the
request back to an already authenticated user. The handle can take
many forms ---- for example IP address and port number in the case of
Telnet and FTP.

I have two questions:
(1) Is there a standardized way for a CORBA server to trace a request
from a client application to a previously authenticated user? Or does
it depend on a particular orb implementation?

(2) What are the commonly accepted ways of authorizing requests in a
distributed client/server setup?

If this posting is off-topic, my apologies

Thanks,
Steve



Posted by Ke Jin on May 17, 2005, 10:29 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Generic Usenet Account wrote:
> Security Management plays a vital part in any distributed
environment.
> Services are provided only after the client has been properly
> authenticated. After successful authentication, subsequent service
> requests contain a certain "handle" that enable the server to trace
the
> request back to an already authenticated user. The handle can take
> many forms ---- for example IP address and port number in the case of
> Telnet and FTP.
>
> I have two questions:
> (1) Is there a standardized way for a CORBA server to trace a
request
> from a client application to a previously authenticated user? Or
does
> it depend on a particular orb implementation?
>

See OMG CSIv2 (chapter 24 of CORBA 3).

> (2) What are the commonly accepted ways of authorizing requests in a
> distributed client/server setup?

See OMG Authorization Token Layer Acquisition Service (ATLAS)
specification.

Ke



Similar ThreadsPosted
SSRT5958 rev.0 - HP OpenView Radia Management Portal (RMP) Radia Management Agent (RMA) Remote Unauthorized Privileged Access and Denial of Service (DoS) April 28, 2005, 6:33 pm
BS7799-3 Security Risk Management Standard Released Today March 16, 2006, 7:44 am
CFP: The 2009 International Conference on Security and Management (SAM'09), USA, July 13-16, 2009 January 4, 2009, 4:28 am
Call for Papers: The 2009 International Conference on Security and Management (SAM'09), USA, July 13-16, 2009 November 30, 2008, 7:58 pm
Call for Papers with Extended Deadline: 2007 International Conference on Security and Management (SAM'07), June 25-28, 2007, USA February 25, 2007, 6:01 am
Call for Papers with Extended Deadline of Mar. 10, 2008: The 2008 International Conference on Security and Management (SAM'08), USA, July 2008 March 5, 2008, 3:36 pm
IT Risk Management June 20, 2004, 1:50 pm
risk management April 14, 2008, 7:37 am
Vulnerabilities Management System June 11, 2004, 4:50 am
Patch management factors January 29, 2005, 7:22 pm

The site map in XML format XML site map

Contact Us | Privacy Policy