Contents

• Contents
• 1. Disclaimer and Copyright, Copying, and Other Information
  • 1.1 Disclaimer
  • 1.2 Copyright Policy
  • 1.3 Who sponsors the FAQ?
• 2. About this FAQ
  • 2.1 Why is this FAQ created?
  • 2.2 Notations
  • 2.3 Who should read it?
  • 2.4 How should I read this FAQ?
  • 2.5 Where can I get the most recent copy of this FAQ?
  • 2.6 I could not find an answer to my question here, where else can I ask my question?
  • 2.7 Are there any newsgroups or mailing lists about CORBASEC that I can join?
  • 2.8 Who is maintaining this FAQ?
  • 2.9 What is SecSIG?
  • 2.10 What is secsig@omg.org mail list for?
  • 2.11 What is SecRTF?
  • 2.12 I found a mistake in this FAQ, where can I submit it?
  • 2.13 How can I contribute to this FAQ?
  • 2.14 Who contributed to this FAQ?
  • 2.15 Wish list
• 3. General Questions
  • 3.1 What's ``CORBA Security Service''?
  • 3.2 What's ``CORBASEC''?
  • 3.3 What's the difference between ``CORBA Security Service'' and ``CORBASEC''?
  • 3.4 What's CORBA?
  • 3.5 Where can I find more about CORBA?
  • 3.6 Where can I find more about CORBASEC?
  • 3.7 What books describe or review CORBASEC and in what detail?
    • 3.7.1 ``Instant CORBA''
  • 3.8 What magazine publications describe, review, compare, critique CORBASEC?
  • 3.9 Are there any papers or articles that compare CORBA security with security of other distributed object computing frameworks such as Java RMI or DCOM?
  • 3.10 Where can I get a tutorial about CORBASEC?
  • 3.11 What papers about CORBASEC and related issues are out there?
  • 3.12 Is there any group or lab research on CORBA security service?
• 4. CORBASEC specification
  • 4.1 General
    • 4.1.1 Where can I get the official specification of CORBASEC?
    • 4.1.2 Where can I get IDL code of CORBASEC interfaces?
    • 4.1.3 What is the current version of CORBASEC official specification?
    • 4.1.4 Are there any upcoming updates of the specification?
    • 4.1.5 Who is responsible for producing specification updates?
    • 4.1.6 Are there any upcoming new releases of the specifications?
    • 4.1.7 Who is responsible for producing new specification releases?
    • 4.1.8 Where can I find a list of outstanding issues in CORBASEC specification?
    • 4.1.9 I found a typo in the specification, where can I submit it?
    • 4.1.10 Is there a set of UML diagrams for the CORBASEC Specification?
    • 4.1.11 I found an error in the specification, where can I submit it?
    • 4.1.12 I have an idea how to ``improve'' the specification, where can I propose it?
    • 4.1.13 What are the shortcomings of CORBA Security service?
    • 4.1.14 Is it completely true that the CORBA Security service is a direct lift of DCE Security?
    • 4.1.15 What is "Principal", and what is meant by "Principal authentication"?
    • 4.1.16 What are credentials?
    • 4.1.17 How are attributes used?
    • 4.1.18 What does it mean to be conformant to CORBA Security specification?
    • 4.1.19 What about conformance to the Common Secure Interoperability specification?
    • 4.1.20 What are the protocols used by CSI?
    • 4.1.21 What about CSI with SSL?
    • 4.1.22 What is a "Session"?
    • 4.1.23 How does security context get established between client and server?
    • 4.1.24 Is there somewhere a description of the context management?
    • 4.1.25 What is the validity of a context?
    • 4.1.26 Does a new context for a target have be established if a client is accessing a new target on the same server?
    • 4.1.27 Will the current context be valid for all requests of the client (and all replies of the server) till the client decides that the context is not valid anymore?
    • 4.1.28 Which instance manages the contexts?
    • 4.1.29 Which instance decides that now, the "Session" is over, and the context can be deleted?
    • 4.1.30 Are the any interfaces specified in CORBASEC for controlling security context by security-aware applications?
    • 4.1.31 How is access controlled?
    • 4.1.32 How are privacy and non-repudiation addressed by CORBASEC?
  • 4.2 Application developer
    • 4.2.1 How does CORBA security affect application writers?
    • 4.2.2 Do we need to pass the UserId as a parameter or there is some other way of getting it?
    • 4.2.3 How would one incorporate security into an ORB system in the next 6 months, so that the solution would not be obsoleted in the following 6?
    • 4.2.4 Does CORBA security guarantee that the request and reply are not tampered and not intercepted on their way between the client and the target?
    • 4.2.5 Is it necessary to secure naming service?
    • 4.2.6 How to come up with application security design using CORBA Security service?
    • 4.2.7 How does a security-aware application specify the use of a specific algorithms for supporting communication confidentiality and integrity?
    • 4.2.8 What is available in CORBASEC for strong (writer-to-reader) authentication?
  • 4.3 Administrator
    • 4.3.1 What are the semantic connotations for rights in CORBA rights family?
    • 4.3.2 How to use the access control mechanism?
    • 4.3.3 Do I have to "protect" every object, even those which are not thought to be used from outside?
    • 4.3.4 How is related work at OMG on Security Administration and Common Management Facilities ?
    • 4.3.5 What is the granularity of access control on object invocations?
    • 4.3.6 Where are access control lists stored?
    • 4.3.7 How do servers ``know'' what domain to put new objects into and when to create new security policy domains?
    • 4.3.8 What about transient objects created by factories?
    • 4.3.9 How would access control mechanisms be applied to secure, let's say, naming service?
  • 4.4 Implementor
    • 4.4.1 Where can I find some source code which implementation Security Service?
    • 4.4.2 Is there any document on how to implement the CORBA security service?
    • 4.4.3 If I want implement the CORBA security service, what should I do?
    • 4.4.4 What is the intent of the credentials object design?
    • 4.4.5 Does the existing Authorization Service of CORBASec scale in a "well" distributed-object environment?
    • 4.4.6 Can a client implementation circumvent administrative security policies?
    • 4.4.7 What is the "public" security attribute of a principal?
    • 4.4.8 Under what circumstances do Credentials contain the ``public'' attribute?
    • 4.4.9 What is the value and the defining authority of the ``public'' attribute?
• 5. CORBASEC implementations
  • 5.1 General
    • 5.1.1 Where can I find an implementation of Security Services ?
    • 5.1.2 Where can I find exactly what product implements what Security level and options?
    • 5.1.3 What ORBs claim to have ``security'' functionality?
    • 5.1.4 Does anyone know of a product that is IIOP compliant and provides CORBA security service level 1?
    • 5.1.5 Is there any free/trial/evaluation version of an ORB with Security Service for Java?
    • 5.1.6 What would be the most suitable ORB product(s) when buliding a (very) small lab for evaluating, testing and implementing security functions in a CORBA system?
    • 5.1.7 Are CORBAsec implementations from the US generally subjected to export control?
  • 5.2 Particular Implementations
    • 5.2.1 DAIS Security
      • 5.2.1.1 What is DAIS Security?
      • 5.2.1.2 What is the current version of DAIS Security
      • 5.2.1.3 What is the current status of DAIS Security?
      • 5.2.1.4 Does DAIS conform to CORBASEC specifications?
      • 5.2.1.5 Why did ICL choose the CSI-ECMA security mechanism in its DAIS Security implementation?
      • 5.2.1.6 What features does DAIS Security offer?
      • 5.2.1.7 What is the advantage of using roles in DAIS Security?
      • 5.2.1.8 What are the advantages (and disadvantages) of using public key technology in DAIS Security?
      • 5.2.1.9 What are the advantages (and disadvantages) of using secret key technology (passwords) in DAIS Security?
      • 5.2.1.10 Why have domains in DAIS Security?
      • 5.2.1.11 Why policy domains?
      • 5.2.1.12 Where can find more information on DAIS Security?
    • 5.2.2 OrbixSecurity
      • 5.2.2.1 What is the conformance level of OrbixSecurity?
      • 5.2.2.2 Where do I start from in order to use OrbixSecurity?
      • 5.2.2.3 What DCE components are required to use OrbixSecurity?
      • 5.2.2.4 Can a user on a remote machine still run the server and call its methods if he or she changes their username on the remote machine deliberately to match the registered users list?
      • 5.2.2.5 What authentication process is used in OrbixSecurity?
      • 5.2.2.6 How does OrbixSecurity work and how and what component of DCE needs to be installed?
      • 5.2.2.7 Can we use Orbix security to provide Access control at Object instance level?
      • 5.2.2.8 Authentication Security Exception
  • 5.3 VisiBroker
    • 5.3.1 Does anyone has experience on implementing system access control and security service using VisiBroker for Java?
  • 5.4 omniORB⁴⁴
    • 5.4.1 If there is a security service supported by omniORB and if not are there any plans to create one?
  • 5.5 Intraverse
    • 5.5.1 Has anybody integrated DASCOM's Intraverse and Entrust (PKI), and Iona's OrbixWeb?
• 6. Applying CPRBASEC
  • 6.1 How do I secure a Naming Service?
  • 6.2 How can security-aware applications apply confidentiality and integrity to data (e.g. electronic documents)?
  • 6.3 Is it possible to specify the data to be protected as a parameter to the interface, or as data protection service?
• 7. Related Security Technologies
  • 7.1 SESAME
    • 7.1.1 What is SESAME?
    • 7.1.2 How does SESAME work?
    • 7.1.3 How does SESAME relate to Kerberos?
    • 7.1.4 How does SESAME relate to the CORBA Security service?
    • 7.1.5 How do I find more information about SESAME?
    • 7.1.6 How do I to get SESAME API?
  • 7.2 GSS-API
    • 7.2.1 What is GSS-API?
    • 7.2.2 How do I to get GSS API ?
  • 7.3 Kerberos
  • 7.4 DCE Security
  • 7.5 SSL
    • 7.5.1 Where can I find more about SSL?
    • 7.5.2 Have the OMG specified SSL in any standard yet?
    • 7.5.3 Where can I find the specification of IIOP over SSL?
    • 7.5.4 Does anybody know a ORB vendor who provides a SSL functionality with their product?
    • 7.5.5 Is there a free implementation of CORBA SSL service that will work with VisiBroker 3.* for Java?
    • 7.5.6 If I use naming service and VisiBroker, can I cooperate SSL into the system?
    • 7.5.7 How easy it is to use the Visibroker SSL pack with a Java application for the developer as well as the user?
    • 7.5.8 Is there an additional client side piece that must be installed in order to use the Visibroker SSL pack with a Java application?
    • 7.5.9 Between what parties does authentication happen when the client and the server communicate over SSL via Visibroker's Gatekeeper?
    • 7.5.10 Do any third-party companies have SSL security systems that can be incorporated into either Orbix or Visibroker?
    • 7.5.11 Does SSL raise any firewall problems when accessing from the outside internet?
    • 7.5.12 Do SSL security implementations with CORBA solve or change the problem of securely linking an object reference to the principal that it represents?
    • 7.5.13 What SSL implementations are known to [not] interoperate?
    • 7.5.14 Does the SSL-certificate certify the server or the object?
    • 7.5.15 What is the normal way of asserting that unauthorized clients cannot connect to an object that an authenticated client is using?