next up previous contents
Next: 5.1.2 Where can I Up: 5.1 General Previous: 5.1 General

5.1.1 ../images/greenball.gifWhere can I find an implementation of Security Services ?

 

Alphabetical list of CORBA Security products or announcements about such products:

CBConnector
from IBM http://www.software.ibm.com/ad/cb/ (Jim Beale (December, 1997))
DAIS Security
from PeerLogic http://www.peerlogic.com/products/dais/f_dais.htm. See section 5.2.1 for more information on DAIS Security.
Dreadnought
from Phalanx Technologies http://www.phalanxtech.com/Dreadnought.htm:


change_begin

Tom Herron
(May, 1999) 35:
The current list of features includes but is not limited to:

change_end
Expersoft
Shahzad Aslam-Mir (January, 1998): Expersoft will be offering security service in 1998.
Inprise
Andre Srinivasan (November, 1998)36: Inprise will be shipping, as an addon to the AppServer and VisiBroker, a security product that builds on our successful SSL based product to provide features like instance based access control and auditing as described by CORBAsec.
change_begin
IntraVerse
from DASCOM. The press release issued by DASCOM on June 14 had the following information on the product:

``... IntraVerse for CORBA (IVCorba(TM)) solves the primary problem limiting full CORBA deployment at many organizations, the need for security and authorization services. IVCorba 3.0 is the only enterprise CORBA single sign-on and authorization solution that supports secure interoperability between Object Request Brokers (ORBs) from multiple vendors, providing users with the flexibility in their development and deployment of CORBA applications.

Furthermore, IVCorba 3.0 provides the only CORBA Security Service to implement controlled delegation. This function provides the ability to pass user and server information with a transaction request, enabling extremely fine-grained access control.

...

IVCorba 3.0 provides full support for Iona (NASDAQ: IONA - news) OrbixWeb(TM) as well as Inprise (NASDAQ: INPR - news) VisiBroker(TM), the most widely deployed ORBs. By providing a cross-ORB external authorization solution, DASCOM has freed developers from trying to individually implement security services for each application as it is developed. Furthermore, IVCorba provides a single sign-on solution, enabling personalized services and simplified administration. Users can log in once and access all the resources that are appropriate for them.

...

Availability

IVCorba 3.0 began shipping June 14 on Solaris and Windows NT. For more information, contact DASCOM at info@dascom.com. ``
change_end

Nephilim
(Java Implementation of CORBA Security Services) of UIUC http://choices.cs.uiuc.edu/Security/nephilim/
ORBAsec
SL2 from Adiron
change_begin

Polar Humen
(May, 1999)37:

ORBAsec SL2 2.0 from Adiron is a Java implemenation of CORBA Security giving programmers the ability to write objects and clients using encryption and authentication integrating with Kerberos authentication services or SSL. ORBAsec SL2 uses standard CORBA Security Level 2 interfaces from the CORBA Security Specification Revision 1.5. ORBAsec SL2 2.0 has been available since 2Q 1999.


change_end

change_begin

OrbixSecurity
from IONA Technologies http://www.iona.com/products/orbixenter/security/index.html. The web page reads the following, as of June 1999:

``OrbixSecurity 3 ... available in Q3, 1999

OrbixSecurity 3 extends the security capability of the OrbixOTM container (OrbixSSL) by providing a manageable, scalable security infrastructure for Enterprise systems. A full implementation of the CORBA security service Level 1 and more, OrbixSecurity 3 delivers a comprehensive security service systems based on the IETF's Secure Socket Layer (SSL) security.

Secure your Enterprise system with OrbixSecurity 3

Based on, and incorporating all features of the IETF's SSL V3.0, OrbixSecurity 3 extends the functionality of SSL, adding CORBA Security Service Level 1 functionality and extra features such as an Administration GUI to make the creation and updating of security policies an easy, manageable and scalable task. OrbixSecurity 3 provides fine grained control of security in the system - security is added at the application level allowing access control checks to be performed on a per object, or even per method basis. CORBA Security Level 1+ Services enforce basic audit and access control functions in security-unaware applications, as well as providing limited Applications Programming Interfaces (APIs) for enabling security-aware applications to manage their own security. Ideal for Internet and Enterprise systems, OrbixSecurity 3 provides the following features and functionality:

All features of CORBA Level 1 Security including:

Identification and Authentication:
based on SSL Authentication. User Ids with password login or SecurID tokens can be used for identification. These different options mean administrators can choose to implement the authentication method most appropriate to their system - depending on the sensitivity of the data in the system, and the degree of potential risk to that data.
Authorization and Access Control:
Allows access to resources to be controlled based on user identity. Support for multiple user types is included - the user name, group or organization can all be used to make authorization checks. At the Server side, access control decisions can be made on a per server basis, per interface or per method. This allows for controlled access to sensitive company data, ensuring confidentiality of any non-public information.
Security of communication:
Data privacy and confidentiality are provided through use of the Secure Socket Layer - providing encryption and digital signature algorithms. This ensures that data cannot be read or modified whilst in transit. System users can rest assured that sensitive information such as financial information, or company proprietary data, cannot be read by eavesdroppers or hackers.
Delegation of Privileges:
Allows a client to delegate security privileges to an intermediate application acting on its behalf. CORBA Level 1 supports simple (unrestricted) delegation of privileges. Administrators can decide whether to allow or prohibit delegation.
Security Auditing:
Allows security-authorized administrators/personnel to monitor users' actions in the system, and what system resources they are attempting to access. All security-relevant events are audited and logged if necessary, to allow detection and assessment of damage of successful attacks. This allows the security system administrators to detect and gauge the damage caused by successful attacks.
Unitary login is also supported, providing a secure repository of mainframe authentication data and passwords to allow developers to build applications that gain access to mainframe systems, thus requiring users to log in to an enterprise system only once.

Managing large scale secure systems with OrbixSecurity 3

OrbixSecurity 3 is designed to make securing a large scale Enterprise system an easier task. CORBA Level 1 Security services provide security to applications that are typically unaware of the presence of the security service in the system, and can be added to applications without having to alter any existing code. This makes adding security to an existing system a much easier task. OrbixSecurity 3 also provides a comprehensive GUI interface to make implementing security policies quick and trouble free. A Java - based graphical user interface enables security administrators to easily create and update security policies.

OrbixSecurity 3 will provide full cross language functionality for both Orbix and OrbixWeb C++ and Java applications, and will be available on OrbixOTM 3 supported platforms.''

See section 5.2.2 for more information on OrbixSecurity.
change_end

PC-DCE/NetCrusader
from Gradient
SecureBroker
from Promia http://www.promia.com/products.html

next up previous contents
Next: 5.1.2 Where can I Up: 5.1 General Previous: 5.1 General