1 / 10

JINI

JINI. An Authentication and Authorization Architecture for Jini Services. An ICSI Story. Clients needs services  ICSI newcomers need a flat Services needs clients  Landlords want to lease their flats Marketplace needed  Home Finders Bulletin (or ask Diane)

dieter
Download Presentation

JINI

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. JINI An Authentication and Authorization Architecture for Jini Services

  2. An ICSI Story • Clients needs services  ICSI newcomers need a flat • Services needs clients  Landlords want to lease their flats • Marketplace needed  Home Finders Bulletin (or ask Diane) • How to find marketplace  Yellow Pages

  3. An ICSI Story, Part 2 • Communication marketplace -> Specify preferences -> List of offerings, + Tel-No. • Client-Server communication -> ICSI newcomer calls a landlord • Problems -> List out of date • Solution -> Landlord must lease entry in list, renewal, otherwise remove from list

  4. Lookup Service Proxy Proxy Proxy Proxy = Housing Broker ??? Proxy Proxy Proxy Template Client Service Proxy

  5. Jini Concepts • Discovery (Yellow Pages) • Lookup (Home Finders Bulletin) • Leasing (Leasing of list entry) • Remote Events • ICSI newcomers receives new offers • Transaction • Key exchange at HFB: Key  Money

  6. Home Environment • TV service + Storage service = VCR service • lawn sprinkler + weather service • defect -> maintenance service -> appointment service • general: leasing appropriate for spontaneous networking • PDA -> conference room -> printer access

  7. Why Security? • Only subscribers should get offers • authentication needed • Different packages are offered: standard $30, premium $50; restricted access • authorization required • Internet communication insecure: data can be read, altered or replayed • Integrity, Confidentiality required

  8. Secure Communication • Proxies are signed (Integrity + Identity) • All communication is encrypted using a secret session key (Confidentiality) • Message Authentication Code (Integrity) • Transaction Numbers (Replay attacks)

  9. The Architecture Service Client & Proxy Login Service RemoteCb Handler Policy Service UserDB Service BlueDot Service Challenge Resp. Srv.

  10. Highlights • Uses standard Java technology • Transparency for the client • Minimal Overhead at server side • Powerful login policies • First Prototype up and running • Internal Java Authorizations mechanisms • Well adapted for home services: TV, fridge

More Related