“In this impressive book, well-known security experts Lang & Schreiner manage to cover all of the CORBAsec specification in a structured and technical fashion. It is well suited to security professionals who need a comprehensive reference guide with detailed descriptions of, and rationales for, the CORBAsec architecture and systems security architectures in general. This well-written hands-on guide is invaluable for developers building real-world applications, and belongs on the desk of every systems security engineer on the planet.”
---Richard Mark Soley, Chairman & CEO, OMG

“CORBA security is not widely understood, and this work can assist both those needing a conceptual idea of the system and those needing to program with it.”
---Internet Review Project, December 2003

“The book's comprehensive study of Corba's security architecture can help readers gain a better understanding of its goals and limitations.”
---IEEE Computer Magazine, September 2002

This new book is a clearly written, well structured guide to building secure distributed applications with CORBA. It helps securing CORBA applications, integrating security infrastructure with CORBA applications, and evaluating the security effectiveness of distributed applications. You get a comprehensive study of the CORBA security architecture, providing you with a better understanding of its goals and limitations. It serves as your complete reference for understanding security in distributed systems.The book also generously illustrates the usage of the MICOSec CORBA security services implementation, including important information on the installation and configuration of MICOSec, the usage of two different kinds of application-facing interfaces, and the configuration of CORBA security for applications that do not contain any security-related modifications.

Order Online Now:

Contents:

Introduction to CORBA -- Why CORBA? The Object Management Group (OMG). The Object Management Architecture (OMA). The Common Object Request Broker Architecture (CORBA). How does it all work together?              

Creating and Running an Example Application          

The Security Basics -- What is Security? Why Security? Aspects of Security within CORBA. Security Management. Threats, Vulnerabilities,Countermeasures. Middleware Security

The CORBA Security Architecture -- Design Goals. Architectural Components. Secure CORBA on the Internet. Conformance. Features or Wish List?

Getting Started with MICOSec -- Free Software. MICO Installation. MICOSec Installation

Security Level 1 -- Level 1 Functionality. Level 1 Interface. A Security-Aware Bank Application Example. Implementation Overview and Conformance.

Security Level 2 -- Level 2 Functionality Overview. Principal Authentication and Secure Association.

Object Domain Mapper for Access Control and Audit. Access Control. Security Auditing. Delegation.Implementation Overview and Conformance       

Security-Unaware Functionality -- Security-Unaware Functionality Overview. Principal Authentication and Secure Association. Object Domain Mapping. Access Control. Security Auditing. Delegation. Implementation Overview and Conformance

Dr. Ulrich Lang, formerly a researcher at the University of Cambridge Computer Laboratory, and co-founder and CEO of ObjectSecurity Ltd., received his M.Sc. in Information Security from Royal Holloway College, at the University of London. Before that, he studied computer science with management at the Ludwig-Maximilians-Universität in Munich, Germany. 

Rudolf Schreiner, co-founder and CTO of ObjectSecurity Ltd., a consultancy specialized in distributed systems security, received his Dipl.-Phys. from Ludwig-Maximilians-Universität in Munich (Germany) in 1993. Before his career at ObjectSecurity Ltd., he worked as a freelance programmer and consultant on various computer security projects.