Repository logo

Browsing by Subject "Internet Inter-ORB Protocol"

Filter results by typing the first few letters
Now showing 1 - 1 of 1
  • thumbnail.journal.alt
    Item type:Article, Access status: Open Access ,
    Mostek bezpieczeństwa dla protokołu Internet Inter-ORB Protocol
    (Wydawnictwa AGH, 1999) Pietras, Paweł; Słowikowski, Paweł
    In this paper, we present a security bridge for the Internet protocol of interoperability amongst CORBA objects - the Internet Inter-ORB Protocol (HOP). The bridge helps in making accessible objects in the Internet and makes possible the access control to them. The bridge was realized in the popular request broker the Visigenic's VisiBroker under Windows 95/NT and Solaris 2.X operating systems. We describe two ways of locating the bridge in the request broker. The first means uses one name domain of broker and is not transparent for client. The second one uses two name domains and provides objects protection on the level of the Naming Service and is transparent for the client. We also describe the variant of the second means with using GateKeeper server to support HOP tunneling within HTTP. We emphasize the importance of a firewall, cooperating with a bridge, which is required for the purpose of providing object protection. The paper presents an original conception of security managing, basing on the ideas of users, groups and resources defined using the standard terms of CORBA, HOP and TCP/IP, that allows to control positively and negatively the access to classes (interfaces), objects and also to their individual methods. This conception was effectively implemented in a functioning bridge. Further chapters describe the foundations and some details of the bridge implementation such as the use of the Interface Repository, cache memory application, thread synchronization and the way of synchronization of the configuration applet with the bridge's objects. We discuss the influence of these solutions on the efficiency of the bridge and its source code portability. We also present the general structure of the component objects of the bridge with a scheme. In the next part we characterize the implementation foundations of the bridge manager, realized as an applet in Java, with the stress on the possibility of the bridge configuration through the network. Later, we describe the functionality of the bridge manager, which allows the configuration of all the important parameters of the bridge and of the security management. The next chapter discusses the conclusions from the efficiency tests of the two main bridge layers - the bridge manager and the bridge itself (proxy mechanism), the influence of the usage of memory caching on its efficiency. We provide there also an overall evaluation of the obtained results. The last chapter includes a summary and discusses the bridge advantages and limitations as well as its evolution possibilities.