Developing secure distributed systems with CORBA

This text is a clearly-written guide to building secure distributed applications with CORBA. It helps securing CORBA applications, integrating security infrastructure with CORBA applications, and evaluating the security effectiveness of distributed applications. The book provides a comprehensive study of the CORBA security architecture, allowing for a better understanding of its goals and limitations. It is designed to serve as a complete reference for understanding security in distributed systems. The book also illustrates the usage of the MICOSec CORBA security services implementation, including important information on the installation and configuration of MICOSec, the usage of two different kinds of application-facing interfaces, and the configuration of CORBA security for applications that do not contain any security-related modifications.

• Part I CORBA security: introduction to CORBA - why CORBA?, the object management group (OMG), the object management architecture (OMA), the common object request broker architecture (CORBA), how does it all work together?, creating and running an example application
• the security basics - what is security?, why security?, aspects of security within CORBA, security management, threats, vulnerabilities, countermeasures, middleware security
• the CORBA security architecture - design goals, architectural components, secure CORBA on the Internet, conformance, features or wish list? Part II MICOSec: getting started with MICOSec - free software, MICO installation, MICOSec installation
• security level 1 - level 1 functionality, level 1 interface, a security-aware bank application example, implementation overview and conformance
• security level 2 - level 2 functionality overview, principal authentication and secure association
• object domain mapper for access control and audit
• access control
• security auditing
• delegation
• implementation overview and conformance
• security-unaware functionality - security-unaware functionality overview, principal authentication and secure association, object domain mapping, access control, security auditing, delegation, implementation overview and conformance.