Security Incubator - Current Status and Future Plan
Tom Watson – IBM Lotus
PowerPoint slideshow, 9 slides, uploaded by oleg-burch

Presentation Transcript
Long term mission
  • Provide a range of signature-based code authorization solutions
    • Allow deployers to trade security/complexity vs. performance
    • Decision points include install-time (current), bundle load-time, and code run-time (Java2 permissions)
  • Provide an integrated user authentication framework
    • Platform login configuration and lifecycle
  • Provide mechanisms for user credential management
    • Manage trusted roots, private keys, passwords, etc
  • Enabled through the Java security provider architecture wherever appropriate (KeyStore, CertStore, etc.) within a dynamic OSGi environment
Quick Overview: Signed code
  • Java JarFiles can support signatures over their contents
  • Java's SecureClassLoader validates signatures via the JarFile API
  • Equinox provides its own signature checking engine
    • Check signatures and verify content at install-time and optionally at load-time
    • Disable bundles which are not trusted
  • The Java SecurityManager can then use the signer information to enforce checkPermission() calls at run-time (ConditionalPermissionAdmin using BundleSignerCondition)
  • Additional complexity inserting doPrivileged() calls
    • Supports “Principle of least privilege”
    • Classic example: access to a log API; the log file access is wrapped in a doPrivileged call so that callers do not all need permission to access the specific file (only the logger's signer does)
    • Tooling is needed to help developers write “secure” code
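The logger pattern from the slide above, written out as an added example (not code from the presentation or from Equinox): a hypothetical logger class whose file write runs inside doPrivileged, so only the logger's own protection domain, for example one granted by its signer, needs the FilePermission. The log path and the policy line in the comment are placeholders.

```java
import java.io.FileWriter;
import java.io.IOException;
import java.io.PrintWriter;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;

// Hypothetical logger bundle class. With a SecurityManager installed, only the
// logger's protection domain (e.g. granted to its signer) needs something like
//   permission java.io.FilePermission "/var/log/app.log", "write";
// The doPrivileged frame stops the stack walk, so callers are not consulted
// for that file access and need no file permission of their own.
public final class PrivilegedFileLogger {
    private final String logPath;

    public PrivilegedFileLogger(String logPath) {
        this.logPath = logPath;
    }

    public void log(String message) throws IOException {
        // Neutralise line breaks so an untrusted caller cannot forge extra log records.
        final String line = message.replace('\r', ' ').replace('\n', ' ');
        try {
            // Keep the privileged region minimal (open, write, close) and never
            // hand the opened stream back to the caller: that would leak the privilege.
            AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
                try (PrintWriter out = new PrintWriter(new FileWriter(logPath, true))) {
                    out.println(line);
                }
                return null;
            });
        } catch (PrivilegedActionException e) {
            // The action only throws IOException, so the unwrap is safe.
            throw (IOException) e.getException();
        }
    }
}
```

On JDK 17 and later the SecurityManager is deprecated for removal (JEP 411), so this pattern only has an effect on runtimes where a SecurityManager is still installed.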
Quick Overview: JAAS
  • Java Authentication and Authorization Service
  • Generic and pluggable
    • I.e.: application code can be agnostic of authentication mechanism
  • Stackable login support
    • Enables single sign-on, password expiration, etc
  • Externalized configuration
    • Authentication mechanism not hard-wired into application
  • Enforces a clear separation between backend and user interface
    • 'LoginModule' classes implement authentication
      • E.g.: KeyStore, LDAP, Notes ID File
    • 'CallbackHandler' classes implement user interface
  • Use 'LoginContext' object to login
    • JAAS 'Subject' is result, contains user's names and credentials
  • Extends standard permission model to do user-based permissions
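The backend/user-interface split described above, as an added example that is not part of the presentation: a CallbackHandler supplies the name and password, LoginContext runs whatever LoginModules the external configuration names, and the resulting Subject is used with Subject.doAs. The configuration entry "Incubator" and the module com.example.ExampleLoginModule are placeholders you would replace with your own.

```java
import java.io.IOException;
import java.security.PrivilegedAction;
import java.util.Arrays;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;

// Assumes a JAAS configuration entry "Incubator" selected at runtime with
// -Djava.security.auth.login.config=jaas.conf, where jaas.conf names the
// module(s) to stack (com.example.ExampleLoginModule is a placeholder):
//   Incubator { com.example.ExampleLoginModule required; };
public final class JaasLogin {
    // UI side: answers NameCallback/PasswordCallback; any other callback is refused.
    static final class FixedCallbackHandler implements CallbackHandler {
        private final String name;
        private final char[] password;
        FixedCallbackHandler(String name, char[] password) { this.name = name; this.password = password; }
        @Override
        public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
            for (Callback cb : callbacks) {
                if (cb instanceof NameCallback) {
                    ((NameCallback) cb).setName(name);
                } else if (cb instanceof PasswordCallback) {
                    ((PasswordCallback) cb).setPassword(password); // the callback copies the array
                } else {
                    throw new UnsupportedCallbackException(cb, "unsupported callback");
                }
            }
        }
    }

    // Backend side: the application never learns which mechanism actually ran.
    public static Subject login(String entry, String user, char[] password) throws LoginException {
        LoginContext ctx = new LoginContext(entry, new FixedCallbackHandler(user, password));
        try {
            ctx.login();                 // runs the stacked LoginModules from the config entry
        } finally {
            Arrays.fill(password, '\0'); // clear the secret whether or not login succeeded
        }
        return ctx.getSubject();         // carries the authenticated principals and credentials
    }

    public static void main(String[] args) throws Exception {
        Subject subject = login("Incubator", "alice", "changeit".toCharArray());
        subject.getPrincipals().forEach(p -> System.out.println("principal: " + p.getName()));
        // Policy grants tied to these principals apply to code run inside doAs.
        Subject.doAs(subject, (PrivilegedAction<Void>) () -> { System.out.println("authenticated work"); return null; });
    }
}
```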
Quick Overview: JCA
  • Java Cryptography Architecture
  • Allows pluggable implementations of cryptographic engines
    • Traditional:
      • MessageDigest (MD5, SHA-1, etc.)
      • Cipher (3DES, AES, etc.)
    • Other:
      • KeyStore (JKS, JCEKS, PKCS12)
      • CertStore (LDAP, etc.)
  • Bootstrapped by '' file in JRE
    • Lists 'Providers' which contribute services
    • Accessed via the object
    • For example:
      • KeyStore.getInstance(“JKS”) asks Security object for a provider that implements the 'JKS' type of the 'KeyStore' algorithm
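An added example, not from the presentation or Equinox's own signature engine, that ties the JCA lookup above to the signed-code slide: providerFor shows which provider answers KeyStore.getInstance("JKS"), loadTrustStore reads trust roots from a JKS file, and allEntriesTrusted walks a jar through the JarFile API, rejecting it if any content entry is unsigned, tampered, or signed by a chain that does not validate to a stored root. File paths are placeholders.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.*;
import java.security.cert.*;
import java.util.Enumeration;
import java.util.jar.*;

public final class SignedJarCheck {
    // The lookup KeyStore.getInstance("JKS") performs: first provider offering that service wins.
    public static String providerFor(String type, String algorithm) {
        for (Provider p : Security.getProviders()) {       // in java.security precedence order
            if (p.getService(type, algorithm) != null) return p.getName();
        }
        return null;
    }

    // Load trust roots (e.g. a cacerts-style JKS); the password only guards the file's integrity.
    public static KeyStore loadTrustStore(String path, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream(path)) { ks.load(in, password); }
        return ks;
    }

    // True only if every content entry is signed and at least one signer chains to a trust root.
    public static boolean allEntriesTrusted(String jarPath, KeyStore trustStore) throws Exception {
        CertPathValidator validator = CertPathValidator.getInstance("PKIX");
        PKIXParameters params = new PKIXParameters(trustStore);
        params.setRevocationEnabled(false);                // offline example; enable CRL/OCSP in production
        byte[] buf = new byte[8192];
        try (JarFile jar = new JarFile(jarPath, true)) {    // true = verify signatures while reading
            for (Enumeration<JarEntry> en = jar.entries(); en.hasMoreElements();) {
                JarEntry entry = en.nextElement();
                if (entry.isDirectory() || entry.getName().startsWith("META-INF/")) continue;
                // Signer info is only available after the entry has been read to the end;
                // a tampered entry surfaces here as a SecurityException.
                try (InputStream in = jar.getInputStream(entry)) { while (in.read(buf) != -1) { } }
                CodeSigner[] signers = entry.getCodeSigners();
                if (signers == null) return false;           // unsigned entry: reject the whole jar
                boolean trusted = false;
                for (CodeSigner s : signers) {
                    try { validator.validate(s.getSignerCertPath(), params); trusted = true; break; }
                    catch (CertPathValidatorException e) { /* try the next signer */ }
                }
                if (!trusted) return false;
            }
        } catch (SecurityException e) {
            return false;                                    // signature did not match the content
        }
        return true;
    }
}
```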
Current 3.4 Plan
  • Support Provider Framework (199330)
    • JCA implementations from bundles (153843)
    • Viewing and editing security configuration (196359)
  • Support User Authentication (153850)
  • Support for Signature checking at bundle load-time (153847)
    • Signature check, policy callout, alert UI
  • User Credential Management in support of load-time (153851)
    • Trust model (cacerts/.keystore), Manage trust roots, etc
Current 3.4 Status
  • Provider work relatively complete in HEAD
    • (needs more work:)
  • Login framework and sample available
  • Junit tests available to exercise provider
  • M1 demo available at Equinox site
  • M2 closes on Sept. 28th
Areas to get involved
  • User Authentication
    • How to integrate into product lifecycle?
    • What to use for authorization? Bundles? Extensions?
    • How to integrate into core concepts? Bundles? Jobs?
  • Credential Management
    • Trust management for SSL connections?
      • Consistent look & feel security alert UI?
    • Trust for provisioning-based signature checking?
      • How is it managed (Trust model, UI, etc)?
      • How does it mesh with load-time (same trust model?)?