JavaPolis 2004 Access Control Architectures: COM+ vs. EJB

Similar documents
Software Components and Distributed Systems

Introduction to componentbased software development

Designing a Distributed System

Implementing a Web Service p. 110 Implementing a Web Service Client p. 114 Summary p. 117 Introduction to Entity Beans p. 119 Persistence Concepts p.

Client/Server-Architecture

Distributed Middleware. Distributed Objects

Today: Distributed Objects. Distributed Objects

Distributed Object-Based Systems The WWW Architecture Web Services Handout 11 Part(a) EECS 591 Farnam Jahanian University of Michigan.

Securent Entitlement Management Solution. v 3.1 GA. JACC Agent for WebSphere. September Part No. 31GA-JACCAGENTWEBSPHERE-1

Developing Software Applications Using Middleware Infrastructure: Role Based and Coordination Component Framework Approach

Middleware for Heterogeneous and Distributed Information Systems

Security Engineering for Large Scale Distributed Applications

Application Servers G Session 11 - Sub-Topic 2 Using Enterprise JavaBeans. Dr. Jean-Claude Franchitti

T NAF: Jini & EJB

Middleware: Challenges and Evolution from Procedural to Service Orientation

Chapter 10 DISTRIBUTED OBJECT-BASED SYSTEMS

JAYARAM. COLLEGE OF ENGINEERING AND TECHNOLOGY Pagalavadi, Tiruchirappalli (An approved by AICTE and Affiliated to Anna University)

A Strategic Comparison of Component Standards

Appendix A - Glossary(of OO software term s)

Overview p. 1 Server-side Component Architectures p. 3 The Need for a Server-Side Component Architecture p. 4 Server-Side Component Architecture

Chapter 2 System Models

Enterprise JavaBeans Benchmarking 1

INTRODUCTION TO Object Oriented Systems BHUSHAN JADHAV

Reflective Java and A Reflective Component-Based Transaction Architecture

Comparative Analysis of EJB3 and Spring Framework

Local-Remote Transparency Framework for Passing Mutable Objects to Remote Operations

Outline. Project Goal. Overview of J2EE. J2EE Architecture. J2EE Container. San H. Aung 26 September, 2003

J2EE Interview Questions

Electronic Payment Systems (1) E-cash

Plan. Department of Informatics. Advanced Software Engineering Prof. J. Pasquier-Rocha Cours de Master en Informatique - SH 2003/04

MTAT Enterprise System Integration. Lecture 2: Middleware & Web Services

Agent-Enabling Transformation of E-Commerce Portals with Web Services

Events Will Transform Application Servers

Towards Software Architecture at Runtime

Fast Track to EJB 3.0 and the JPA Using JBoss

DCOM CORBA EJB DCOM CORBA CORBA EJB DCOM EJB

Key Ideas. OO Analysis and Design Foundation. Objectives. Adapted from slides 2005 John Wiley & Sons, Inc.

DISTRIBUTED SYSTEMS. Second Edition. Andrew S. Tanenbaum Maarten Van Steen. Vrije Universiteit Amsterdam, 7'he Netherlands PEARSON.

Link Aggregation: A Server Perspective

Reference: Java Web Services Architecture James McGovern, Sameer Tyagi, Michael Stevens, and Sunil Mathew, 2003

Authorization Recycling in RBAC Systems

Advanced Java Programming SRM UNIVERSITY FACULTY OF SCIENCE AND HUMANITIES DEPARTMENT OF COMPUTER SCIENCE

Distributed Objects. Object-Oriented Application Development

BEAWebLogic. Server. Programming WebLogic Deployment

Mastering RMI: Developing Enterprise Applications In Java And EJB By Öberg, Rickard Oberg, Rickard READ ONLINE

APPLICATION SECURITY ENHANCEMENTS IN JAVA EE 6

Implementing Architectures

Java RMI Middleware Project

the Corba/Java Firewall

Application Servers in E-Commerce Applications

Interconnection of Distributed Components: An Overview of Current Middleware Solutions *

Enterprise JavaBeans (I) K.P. Chow University of Hong Kong

KINGS COLLEGE OF ENGINEERING DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING ACADEMIC YEAR (ODD SEMESTER) QUESTION BANK

Database code in PL-SQL PL-SQL was used for the database code. It is ready to use on any Oracle platform, running under Linux, Windows or Solaris.

Module 1 - Distributed System Architectures & Models

Semantic SOA - Realization of the Adaptive Services Grid

Distributed Object Bridges and Java-based Object Mediator

J2EE for Glast. Matthew D. Langston (SLAC) 4/25/2004

PersistF: A Transparent Persistence Framework with Architecture Applying Design Patterns

Socket attaches to a Ratchet. 2) Bridge Decouple an abstraction from its implementation so that the two can vary independently.

Chapter 2 Introduction

Hands-on Development of Web Applications with Java EE 6

Java 2 Platform, Enterprise Edition: Platform and Component Specifications

Large-Scale Patch Automation for the Cloud-Generation DBAs

WebSphere Application Server, Version 5. What s New?

Enterprise JavaBeans 3.1

Distributed Computing

Integration of Non-Functional Properties in Containers

GlassFish v2.1 & Enterprise Manager. Alexis Moussine-Pouchkine Sun Microsystems

Mastering RMI: Developing Enterprise Applications In Java And EJB By Öberg, Rickard Oberg, Rickard READ ONLINE

AN INTEGRATED COMPONENT-BASED APPROACH TO ENTERPRISE SYSTEM SPECIFICATION AND DEVELOPMENT

Limitations of Object-Based Middleware. Components in CORBA. The CORBA Component Model. CORBA Component

Future Work. Build applications that use extensions to optimize performance. Interface design.

Advanced Topics in Operating Systems

Component-based Architecture Buy, don t build Fred Broks

Enterprise JavaBeans TM

Oracle Developer Day

Classloader J2EE rakendusserveris (Bea Weblogic Server, IBM WebSphere)

POAD Book: Chapter 4: Design Patterns as Components Chapter 5: Visual Design Models

Component-Based Platform for a Virtual University Information System

J2EEML: Applying Model Driven Development to Autonomic Enterprise Java Bean Systems

IBM WebSphere Application Server v6

Enterprise JavaBeans(TM): Developing Component- Based Distributed Applications By Thomas B. Valesky READ ONLINE

Implementing Remote Procedure Calls*

BCS Higher Education Qualifications. Diploma in IT. Object Oriented Programming Syllabus

IBM Rational Application Developer for WebSphere Software, Version 7.0

Dynamic Adaptability of Services in Enterprise JavaBeans Architecture

Novell Access Manager 3.1

Oracle Fusion Middleware 11g: Build Applications with ADF I

Incorporating applications to a Service Oriented Architecture

A NEW DISTRIBUTED COMPOSITE OBJECT MODEL FOR COLLABORATIVE COMPUTING

CHARLES UNIVERSITY, PRAGUE FACULTY OF MATHEMATICS AND PHYSICS. Master Thesis. Michael Cífka Visual Development of Software Components

Chapter 1: Distributed Systems: What is a distributed system? Fall 2013

SAI/ST course Distributed Systems

INTERNET-BASED COMPUTER-AIDED DESIGN: LEVERAGING PRODUCT MODEL, DISTRIBUTED OBJECT, AND WORLD WIDE WEB STANDARDS

LESSON PLAN SUB NAME : MIDDLEWARE TECHNOLOGIES UNIT: I CLIENT / SERVER CONCEPTS SEMESTER : 7

Hierarchical vs. Flat Component Models

A QoS-aware CCM for DRE System Development

Analysis of Passive CORBA Fault Tolerance Options for Real-Time Applications Robert A. Kukura, Raytheon IDS Paul V. Werme, NSWCDD

<Insert Picture Here> The Oracle Fusion Development Platform: Oracle JDeveloper and Oracle ADF Overview

Transcription:

JavaPolis 2004 Access Control Architectures: COM+ vs. EJB Dr. Konstantin Beznosov Assistant Professor University of British Columbia

Overall Presentation Goal Learn about the capabilities of COM+ and EJB access control mechanisms

Speaker s Qualifications Konstantin Worked for end-user, consulting, and developer organizations Co-authored CORBA Security specification proposals Resource Access Decision Security Domain Membership Management (SDMM) CORBA Security Co-authored

Conclusions Access control capabilities in both COM+ and EJB suck! One of them, however, is extensible

outline Introduction distributed security basics distributed access control evaluation criteria COM+ EJB Conclusions

distributed security basics

Middleware Security Stack Client Application Proxy ORB Security Service Security Mechanism Implementation OS Network RPC Abstraction Middleware Security security context abstraction Actual messages Server Application Application Server Skeleton Adapter ORB Security Service Security Mechanism Implementation OS Network

requirements due to distribution centralized administration localized run-time decisions

object paradigm & security (1/2) objects small amounts of data ==> large numbers o R: Scale on large numbers of objects and methods diverse methods ==> complex semantics o R: Security administrators should not have to understand semantics of methods collections R: Similar names or locations should NOT impose membership in same collection(s). R: For an object to be assigned to the same collection, name similarity and/or co-location should not be required.

object paradigm & security (2/2) many layers of indirection and late binding names multi-name, nameless and transient objects R: Transient objects should be assigned to security policies without human intervention. less rigid naming hierarchies R: No assumptions that administrators know a name of each object in the system.

distributed access control

Access Control at Run-time Application Target Access Request Enforcement Function Decision Decision Request Decision Function Middleware Security Subsystem Middleware Access Request

authorization decisions which policies? which collections policy composition policy evaluation information push vs. pull

evaluation criteria 1/2 GRANULARITY -- granularity of protected resources application, interface, method, arbitrary resource. EXPRESSIVENESS -- support for different access control models RICHNESS -- the variety of information available for making authorization decisions, including applicationspecific information CONSISTENCY -- support for consistency of policies across multiple applications

evaluation criteria 2/2 MANAGEABILITY -- support for insertion and deletion of applications, changes in policies, user population and the computing environment SCALABILITY -- performance and administration scalability OBJECT PARADIGM REQUIREMENTS -- satisfying the requirements due to the object paradigm EXTENSIBILITY -- support for unforeseen policies

COM+

Administering Access Control

COM+ Access Control Architecture

scaling with collections groups permission collections via roles components, interfaces Clients Methods Targets Subjects

evaluating COM+ 1/2 Granularity + component method but not component instance method Expressiveness -- supporting different policies + RBAC 0 + RBAC 1 through W2K domain nested groups Richness -- information for making decisions subject group attributes, component type and method Consistency -- across multiple applications requires application redeployment, or manual changes in each application instance

evaluating COM+ 2/2 Manageability -- changes to policies, users, appl-s + user population -- Windows domain groups could help application population + replication -- easy to use packaging o new -- labor intensive and error prone changes in policies -- labor intensive and error prone computing environment -- easy to use packaging Scalability -- performance and admin. scalability + subject groups, several levels of permission granularity, permission collections permissions (collections) local to the application bound by the underlying OS scalability Object paradigm requirements + roles isolate administrators from method semantics machine co-located instances of the same component are governed by one policy Extensibility -- support for unforeseen policies only through programmatic security inside of application

further reading on COM+ B. Hartman, D. J. Flinn, K. Beznosov, and S. Kawamoto, chapter 7, Mastering Web Services Security, 1st ed. New York: John Wiley & Sons, Inc., 2003. K. Brown, Programming Windows Security, First ed. Upper Saddle River, NJ: Addison-Wesley, 2000. M. Howard, M. Levy, and R. Waymire, Designing Secure Web-based Applications for Microsoft Windows 2000. Redmond, Washington USA: Microsoft Press, 2000. MSDN Knowledge Base. http://msdn.microsoft.com

EJB

Defining Roles in EJB <assembly-descriptor> <security-role> <description> blah-blah-blah </description> <role-name>member</role-name> </security-role> <security-role> <description> blah-blah-blah </description> <role-name>customer</role-name> </security-role> <security-role> <description> blah-blah-blah </description> <role-name>staff</role-name> </security-role>... </assembly-descriptor>

Assigning Users to Roles in EJB <security-role-mapping> <role-name>member</role-name> <principal-name>jgarcia</principal-name> <principal-name>mwebster</principal-name> <group-name>team-leads</group-name> </security-role-mapping> <security-role-mapping> <role-name>customer</role-name> <principal-name>dsmith</principal-name> </security-role-mapping>

Assigning Methods to Roles in EJB <method-permission> <role-name>staff</role-name> <method> <ejb-name>product</ejb-name> <method-name>*</method-name> </method> </method-permission> <method-permission> <role-name>customer</role-name> <role-name>member</role-name> <method> <ejb-name>product</ejb-name> <method-name>getprice</method-name> </method> </method-permission>

roles and permissions in EJB

scaling with collections attributes permission collections via method permissions applications, beans Clients Operations Targets Subjects

Custom Authorization in EJB Java Authorization Contract for Containers (JACC) (formerly known as JSR 115) Part of J2EE v1.4 defines an interface for pluggable authorization providers

Fine-grain authorization in EJB iscallerinrole(role)

evaluating EJB 1/2 Granularity + bean method in application not at bean instance + arbitrary resource with security-role-ref Expressiveness -- supporting different policies + RBAC 0 RBAC 1-3 -- product specific Richness -- information for making decisions any user attributes are reduced to roles -- product specific Consistency -- across multiple applications product specific requires application redeployment, or manual changes in each application instance

evaluating EJB 2/2 Manageability -- changes to policies, users, appl-s user population -- product specific application population + replication -- easy to use packaging o new -- labor intensive and error prone changes in policies -- labor intensive and error prone + computing environment -- easy to use packaging Scalability -- performance and admin. scalability subject groups -- product specific + three levels of permission granularity, permission collections local to the application permissions (collections) Object paradigm requirements + roles isolate administrators from method semantics container co-located instances of the same bean are governed by one policy Extensibility -- support for unforeseen policies mostly through programmatic security inside of application + allows mapping from external to internal roles + JSR 115 Java Authorization Contract for Containers JACC

further reading on EJB Sun, Enterprise JavaBeans Specification, Version 2.0, Sun Microsystems Inc., October 23 2000. E. Roman, S. Ambler, and T. Jewell, Mastering Enterprise JavaBeans, Second ed: Wiley Computer Publishing, 2002. B. Hartman, D. J. Flinn, and K. Beznosov, Enterprise Security With EJB and CORBA. New York: John Wiley & Sons, Inc., 2001. B. Hartman, D. J. Flinn, K. Beznosov, and S. Kawamoto, chapter 7, Mastering Web Services Security, 1st ed. New York: John Wiley & Sons, Inc., 2003. Sun Microsystems, JSR 115: Java Authorization Service Provider Contract for Containers, 2002, http://java.sun.com/aboutjava/communityprocess/jsr/jsr_ 115_authorization.html.

Conclusions Access control capabilities in both COM+ and EJB suck! EJB is extensible through JACC

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback