In order to make CORBA work in demanding IT environments, ObjectSecurity has added a number of security features to MICO over the years. These include enhanced implementations of OMG specifications and other add-ons.
MICO CORBA Security Services level 2 (CORBASec L2)
MICO comes with a fully compliant implementation of CORBA Security Services level 2 version 1.7, an OMG CORBA services standard specification. It supports authentication, message protection, policies for secure associations, access control, auditing (flat file/Unix syslog/RDBMS), security aware and security unaware applications, IIOP option for unprotected communication, extended security level 1 interfaces, and tested secure interoperability with other ORBs.
Based on the experiences gained from CORBASec L2 R&D in the telecom industry, ObjectSecurity's now recommends the OpenPMF/SL3/CSIv2 technology suite as the natural successor of CORBASec L2 when dealing with security in complex IT environments.
SSL/TLS support (CORBAssl)
As the baseline authentication and communications security technology,MICO supports SSLIOP based on SSL Version 3 with different ciphers, extended attributes for X.509 certificates and environment information. Access control over SSL/TLS can be supported using CSIv2/ATLAS/OpenPMF.
Common Secure Interoperability version 2 protocol (CSIv2) and Security Level 3 (SL3)
MICO includes an implementation of the CSIv2 protocol, which in particular allows security tokens to be passed between objects. It is critical for access control and relies on the ATLAS implementation and OpenPMF. MICO also implements the SL3 interfaces for CSIv2 and thus enables replaceability.
Authorisation Token Layer Acquisition Service (ATLAS)
ObjectSecurity has implemented the OMG ATLAS specification, which allows the security subsystem to pull authorisation tokens from the ATLAS server. Push and pull models for authorisation are supported. It should be used CSIv2 and OpenPMF.
Security Domain Membership Management Service (SDMM)
MICO includes an implementation of the OMG SDMM specification, which enables improved domain based access control and auditing.
OpenPMF policy management framework
OpenPMF comes with plug-ins for MICO CORBA, so that the CORBA infrastructure with all its security features can be centrally administered (together with other IT systems).
Being an open source project, MICO's success relies heavily on the goodwill of the developing companies. Please consider the value MICO has provided for your organisation and support our work by making a donation towards future SecureMiddleware enhancements.
Make donation now