[omniORB] Securing a Name Service

JohnD.Heintz JohnD.Heintz
Fri, 29 Jun 2001 10:15:23 -0500


Okay, I can live with these.

Last question (and I'm sorry if it's been discussed already):
Can I do this from Python and what magic (insPOA?) do I use to enable INS=
=20
corbaloc and corbaname to work?

Thanks for the time,
John

On Friday 29 June 2001 09:46, Duncan Grisby wrote:
> On Friday 29 June, John D. Heintz wrote:
> > All we are looking for is to be able to provide read access (the
> > corbaname: part of INS) to the general TCP connection and _some_
> > controlled write access.  Any way of doing that write access is
> > acceptable really.
>
> If you can tolerate disabling outside connections while doing writes,
> you could make a version of omniNames which reads a log file from a
> previous run of the full version, but doesn't support the write
> operations. Then to do a write, you kill the non-write version and
> start the full version with a TCP wrappers set-up which prevents
> outside access. Not exactly convenient, but it would work.
>
> A better solution would be to derive a new interface from
> CosNaming::NamingContext, with new versions of the write functions. A
> simple version would be
>
> interface AuthenticatedNamingContext : CosNaming::NamingContext
> {
>     void auth_bind (in Name n, in Object obj, in Cookie c)
>       raises (NotFound, CannotProceed, InvalidName, AlreadyBound);
>
>     void auth_rebind (in Name n, in Object obj, in Cookie c)
>       raises (NotFound, CannotProceed, InvalidName);
>
>     ...
> };
>
> where Cookie is some sort of hard-to-guess token. Then you kill the
> implementations of the base CosNaming::NamingContext write operations,
> and only allow the authenticated versions.
>
> That would work OK if the clients with write access were in the same
> local area network as the server, so the cookies couldn't be sniffed.
> To make it properly secure for wide area use, you'd have to have some
> sort of challenge-response or public key system.
>
> Security is hard. :-(
>
> Cheers,
>
> Duncan.

--=20
=2E . . . . . . . . . . . . . . . . . . . . . . .

John D. Heintz | Senior Engineer

1016 La Posada Dr. | Suite 240 | Austin TX 78752
T 512.633.1198 | jheintz@isogen.com

w w w . d a t a c h a n n e l . c o m