Securing the Broker Pattern. Patrick Morrison 12/08/2005. Presentation Outline. Present Broker Discuss security issues with Broker Survey CORBA as a Broker implementation that addresses security Abstract these ideas into Secure Broker. Broker Pattern.
ORB Core ORB Core
Security Enforcement Subsystem
Policy Enforcement Code
The Untold Story
Intent: Provide secure interactions between distributed components.
Example: Online Bank, Customer makes withdrawal – want to be sure that the Customer gives his account only to the Bank, and that the Bank distributes the Customer’s money according to the Customer’s wishes.
Context: Distributed computing systems, homogeneous or heterogeneous.
Problem: Broker decouples communications from application concerns, but does not address security issues; un-addressed, these can compromise an application’s usefulness.
In addition to Broker’s role in decoupling communications from applications, the Secure Broker must: