[omniORB] Securing a Name Service

Duncan Grisby dgrisby@uk.research.att.com
Fri, 29 Jun 2001 15:10:30 +0100


On Tuesday 26 June, "W. Eliot Kimber" wrote:

> We started thinking today about security issues surrounding the use of
> CORBA naming services. A look at the naming service spec makes it clear
> that there is no built-in security facility (if I was looking at the
> latest version of the spec--I find the OMG site difficult to navigate
> and I'm never sure if I've got the latest version of a spec).

There is indeed nothing about security in the Naming service
specification.

[...]
> Am I correct in my surmise that the solution to this problem would be to
> implement our own naming service that provides some form of
> authentication function? The OmniNames docs didn't suggest any feature
> like this. Has anyone else addressed this problem of naming service
> access control?

I'm not aware of anyone who has made an authentication-based
equivalent to the Naming service. It wouldn't be too hard to create
one, based on omniNames. You would have to create a new set of IDL
definitions rather than changing the CosNaming interfaces, though.

> Are there other things that could be done, say at the network level, to
> control name service access? I can't think of any offhand, but then I'm
> not a network security expert either.

There is a CORBA security specification which attempts to cover this
sort of issue. It's huge and complex, and there are few
implementations of it. omniORB doesn't support it.

Cheers,

Duncan.

-- 
 -- Duncan Grisby  \  Research Engineer  --
  -- AT&T Laboratories Cambridge          --
   -- http://www.uk.research.att.com/~dpg1 --