Implementing a CORBA-Based Architecture for Leveraging the Security Level of Existing Applications

  • Conference paper
On the Move to Meaningful Internet Systems 2002: CoopIS, DOA, and ODBASE (OTM 2002)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2519)

Abstract

This work presents an implementation technique that exploits separation of concerns and reuse in a CORBA-based, multi-tier architecture to improve the security level (availability, integrity, and confidentiality) of an existing application. Functional properties are guaranteed via wrapping of the existing software modules. All security mechanisms are handled by the business logic of the middle tier. Availability and integrity are achieved via replication of the functional modules. Confidentiality is obtained via cryptography. The technique is presented with regard to a case study application. We describe the conceptual model behind the architecture, discuss implementation issues, and present technical solutions.

Copyright information

© 2002 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Cotroneo, D., Mazzeo, A., Romano, L., Russo, S. (2002). Implementing a CORBA-Based Architecture for Leveraging the Security Level of Existing Applications. In: Meersman, R., Tari, Z. (eds) On the Move to Meaningful Internet Systems 2002: CoopIS, DOA, and ODBASE. OTM 2002. Lecture Notes in Computer Science, vol 2519. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36124-3_49

  • DOI: https://doi.org/10.1007/3-540-36124-3_49

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-00106-5

  • Online ISBN: 978-3-540-36124-4

  • eBook Packages: Springer Book Archive
