|
ObjectSecurity has carried out many middleware security projects over the years. We are often brought in as an R&D and consulting partner, and to build product extensions and solutions. Here are some examples:
 Real-Time Innovations (RTI) Data Distribution Service (DDS) OpenPMF integration & demo
ObjectSecurity was contracted by RTI to develop OpenPMF plug-ins for their DDS middleware. ObjectSecurity extends their OpenPMF policy manager with the features necessary for DDS, and implements local plug-ins. ObjectSecurity will also add OpenPMF to RTI's DDS demonstrator, so that secure RTI DDS can be demonstrated to the customer base.
The benefit for DDS end-customers is that they can manage security for large DDS environments centrally, felxibly, intuitively and with low effort. This makes RTI DDS the first DDS implementation in the world that includes security and model driven security management.
RTI Data Distribution Service (formerly NDDS) is networking middleware that implements a real-time publish-subscribe communications model and allows distributed processes to share data without concern for the actual physical location or architecture of their peers.It includes support for best-effort and reliable communications (including reliable multicast), as well as client-server communications. RTI Data Distribution Service is an open-architecture, data-critical platform based on the Object Management Group's (OMG) Data Distribution Service for Real-Time Systems (DDS). The OMG is the same group that manages the CORBA and UML standards. OMG recognized the need to augment CORBA with a data-centric publish-subscribe specification. The DDS standard answers that need, and RTI is a primary author of the new specification. RTI Data Distribution Service is field-proven middleware that is currently used in a wide variety of time-critical applications. It is available with C, C++, and Java APIs.
(note: project on-going 08/2007-09/2007)
SERVICE ORIENTED ARCHITECTURE (SOA) BEST PRACTICE ANALYSIS FOR QINETIQ & MOD
ObjectSecurity carried out an extensive review of a large analysis of Service Oriented Architecture (SOA) for the UK Ministry of Defence. The QinetiQ-led project was a study to assess the feasibility and benefits of SOA for MOD's CCII. ObjectSecurity's involvement was in the best practice analysis part where many widely-applicable recommendations were identified. ObjectSecurity also attended two QientiQ-led SOA workshops with MOD, suppliers, and consultants and presented the best practice recommendations and ObjectSecurity's TrustedSOA approach to SOA security.
"ObjectSecurity supported QinetiQ's analysis of Service Oriented Architectures by providing a thorough and enlightening overview of the industry's history and best practice."
--- Dr. Mark O'Dell, QinetiQ Trusted Information Management's R&D team
AD4: Secure distributed application platform for air traffic management
We are the security specialist in the 2-year duration EU AD4 project (EU FP6 IST R&D project), which builds a next-generation air traffic management system with innovative visualisation concepts. We are working on the secure communications infrastructure and security management, based on MICO, Qedo and OpenPMF. The other project partners are: Fraunhofer Fokus, a leading German software engineering research institute; NEXT Ingegneria dei Sistemi SpA, an Italian systems engineering company specialising in space, defence, air traffic and telecommunications systems (project coordinator); ENAV, representing the Italian Air Navigation Services; Vitrociset, a market leader providing advanced technology services, logistics support, and simulation services for large scale IT systems in civil, defence, environmental and space sectors; SICTA, the Italian air traffic control research centre; ESI (European Software Institute), the Spanish software engineering research organisation; Digital Video Spa, an Italian animation company and world leader in cartoon animation software; Space Application Services, a Belgian company that develops control systems for space vehicles; and Middlesex University's Interaction Design Centre (IDC), based in the School of Computing Science.
SINS/MDA/OPENPMF Secure distributed application platform for NCW/NEC
ObjectSecurity and the U.S. Naval Research Lab (NRL) have signed an R&D subcontract to work on a project for NRL's SINS middleware for network centric warfare. The goal of the U.S. Naval Research Laboratory's secure middleware (SINS) and ObjectSecurity's OpenPMF policy management framework is to develop infrastructure for the deployment and protection of time- and mission-critical applications on a distributed computing platform, in a challenged computing environment such as the Internet, while using unreliable or untrusted COTS components. Government and Industry are increasingly dependent on the use of applications in a collaborative environment spanning multiple sites, by multiple agencies, and across multiple enterprises. In the SINS project, we are rethinking basic ways in which distributed applications are developed, deployed, configured, and maintained.
"ObjectSecurity has in-depth technical knowledge and industrial experience in the design and development of secure systems. NRL and ObjectSecurity currently collaborate on building the next-generation middleware platform for the Navy and Marine Corps that is reconfigurable, fault-tolerant, and secure, together with a model-based agile development process for the rapid incorporation of application-specific components. This technology is dual-use, with applications in military and commercial systems such as the pan-european air traffic management system, a prototype of which is being developed as a part of the EU project AD4."
--- Dr. Ramesh Bharadwaj, U.S. Naval Research Laboratory
COACH: Secure distributed service platform for telecommunications
ObjectSecurity participated in the very successful and well-received 2-year IST project COACH (Component Based Open Source Architecture for Distributed Telecom Applications) as a work-package leader and a significant contributor. As part of the project, two complete CORBA Component Model (CCM) tool chains were developed in Java and in C++, and demo applications from the telecom domain are implemented. Also, testing of distributed component-based systems was covered by the project. ObjectSecurity contributed a new and innovative security framework for distributed systems that is inspired by model-driven software engineering and a formal calculus for security. In addition, ObjectSecurity contributed to several security-related OMG standards and ensured that the C++ ORB used in COACH, MICO, met the requirements of the CCM implementers and users. As part of the project, we also contributed a state of the art security analysis. During the project we worked extensively with Deutsche Telekom T-Systems on secure service platforms. As a part of Deutsche Telekom’s Secure CORBA project, ObjectSecurity developed MICOSec, the first Open Source implementation of the CORBA security services and one of the first implementations of the CSIv2 protocol. In addition to internal projects at Deutsche Telekom and ObjectSecurity (a secure platform for mobile applications and research in CCM security) MICOSec is used in academic and industrial projects. Since 2002, ObjectSecurity is the official maintainer and main contributor of the Open Source CORBA ORB “MICO”. The cooperation with Deutsche Telekom has continued in several projects in CORBA security, Open Source software, mobile secure computing and ubiquitous computing. As part of the project, we also did a comprehensive CORBA security analysis. This work was continued in the EU IST COACH project, where ObjectSecurity, Humbold University, Fraunhofer Gesellschaft FOKUS and T-Systems jointly developed a Secure Parlay platform based on MICO, Qedo and OpenPMF.
GIS prototype platform with Deutsche Telekom T-Systems
We have built a secure geographical information system (GIS) that uses our secure CORBA infrastructure and runs on a PDA. To achieve this, we had to port our entire secure CORBA infrastructure to a Linux based PocketPC. This project was a prototype deployment of our secure mobile CORBA infrastructure.
CORBA development with Deutsche Telekom T-Systems
We have developed many useful additions to the MICO CORBA open source implementation as part of our projects with T-Systems.
Secure CORBA design and development with Deutsche Telekom T-Systems
We have built a complete implementation of a secure CORBA infrastructure. It was initially based on the CORBA security standard, but was enhanced considerably.
Technical security audits for telecommunications etc.
We delivered security audits for several large organisations, involving both IT and non-IT aspects. In particular, we successfully analysed network and distributed systems security.
Technical support for distributed systems technologies
Due to demand from the telecoms industry, we provide technical support, consulting, and development for MICO/MICOSec CORBA.
Secure distributed IT infrastructure in the financial services sector
We carried out a substantial technical security analysis and risk analysis as an independent third party at a large bank in London, UK. In addition, we integrated firewalls with CORBA security and a 3-tier distributed application.
Lectures on distributed systems security:
ObjectSecurity gave 3-hour tutorials about their field of expertise for the MSc in Information Security at Royal Holloway, University of London.
Technical support for distributed systems technologies
Due to demand from industry, we provide technical support, consulting, and development for MICO/MICOSec CORBA.
Further information
Middleware security services
SOA security services
Products
|
