RE: Federated Security Applications and Implications.

From: Kevin Cao (kevincao@microsoft.com)
Date: 04/09/03

  • Next message: Benjamin D. Goldman: "RE: VPN and ISA server"
    Date: Wed, 9 Apr 2003 10:28:52 -0700
    From: "Kevin Cao" <kevincao@microsoft.com>
    To: <ssethu@micros.com>, <focus-ms@securityfocus.com>
    
    

    Microsoft has released a beta version of the Microsoft Windows XP
    Peer-to-Peer SDK and a Windows XP Peer-to-Peer Update for the Windows XP
    client. The Peer-to-Peer SDK provides the components and information to
    create Windows Peer-to-Peer Networking applications. The Windows XP
    Peer-to-Peer Update provides the components to run Windows Peer-to-Peer
    Networking applications on a computer running Windows XP

    The Windows Peer-to-Peer Networking platform has the following services
    built in:

    * Network Address Translator traversal. Windows XP Peer-to-Peer Update
    includes enhancements to IPv6 that allow peer-to-peer networking traffic
    to traverse most NATs.
    * Name resolution. Windows XP Peer-to-Peer Update includes support for
    the Peer Name Resolution Protocol (PNRP), a scalable and secure
    peer-to-peer name resolution mechanism to resolve peer names to
    addresses that does not rely on the Domain Name System (DNS).
    * Graphing and grouping. Graphing maintains a set of connected nodes and
    provides flooding and replication of data across the graph for efficient
    multi-point communication and distributed data management. Grouping
    defines the security model for creating and managing persistent
    peer-to-peer groups.
    * Identity management. Provides for the creation and management of
    peer-to-peer identities.

    http://www.microsoft.com/windowsxp/p2p

     

                          "Shaji Sethu"

                          <ssethu@micros.c To:
    <webappsec@securityfocus.com>, <focus-ms@securityfocus.com>

                          om> cc:

                                                   Subject: Federated
    Security Applications and Implications.
                          04/09/2003 08:11

                          AM

                          Please respond

                          to ssethu

     

     

    All,
    Recently I have been investigating requirements to build a pseudo P2P
    (uses a combination of P2P and Client Server) distributed application
    based on XML web services. The main requirement for the application has
    to be such that secure domains can join or leave the application network
    without much effort. The platform has not been finalised yet but my
    preference is .NET.
    Considering the requirements a Federated Architecture for security comes
    to mind, the only application that comes close to it is the Liberty One
    from Sun. I had talked to the local Microsoft guys in Australia and they
    suggested Trust Bridge which was due for shipment with Windows 2003 and
    their specifications were a bit vague and pointed me to a msdn web site
    with
    5 lines explaining it.

    The question is:
    1. Is there any solution out there which implements federated security
    model where security domains can easily join and leave without complex
    system administration.
    2. Are there any white papers or research papers published on this (BTW
    I have gone through the ACM archives without much luck)?
    3. Has anyone looked at the security implications of this and
    WS-Security?
    4. Is this viable or does this technology has the pie in the sky status?

    Thanks for any help on this.

    Best Regards.

    Shaji Sethu
    System Developer
    myFidelio.net
    Web: www.micros.com

    ----------------------------------------------------------------------
    Block Spam, Smut & Viruses
    SurfControl E-mail Filter for SMTP & Exchange leverages multiple layers
    of technology including filtering embedded and attached file content.
    Rid your enterprise of unwanted content.
    http://www.securityfocus.com/SurfControl-focus-ms2
    Download your free fully functional trial, complete with 30-days of free
    technical support.
    ----------------------------------------------------------------------

    ----------------------------------------------------------------------
    Block Spam, Smut & Viruses
    SurfControl E-mail Filter for SMTP & Exchange leverages multiple layers
    of technology including filtering embedded and attached file content.
    Rid your enterprise of unwanted content.
    http://www.securityfocus.com/SurfControl-focus-ms2
    Download your free fully functional trial, complete with 30-days of free
    technical support.
    ----------------------------------------------------------------------

    ----------------------------------------------------------------------
    Block Spam, Smut & Viruses
    SurfControl E-mail Filter for SMTP & Exchange leverages multiple layers of
    technology including filtering embedded and attached file content. Rid your
    enterprise of unwanted content.
    http://www.securityfocus.com/SurfControl-focus-ms2
    Download your free fully functional trial, complete with 30-days of free
    technical support.
    ----------------------------------------------------------------------


  • Next message: Benjamin D. Goldman: "RE: VPN and ISA server"

    Relevant Pages

    • Re: Initialising the root folders to display
      ... shortcut in Network isn't on or there and you use Windows Explorer to do ... That crashes Windows Explorer, ... If you have multiple network drives mounted as part of ... peer-to-peer technology at its absolute worst. ...
      (microsoft.public.office.developer.outlook.vba)
    • Re: VFP 9.0 cant see mapped network drive
      ... After serious thinking Dan Musicant wrote: ... Windows 7 64 bit Ultimate. ... Having said that, mixed Windows versions in a peer-to-peer LAN has never been a recipe for success, nor has sharing VFP data on a:peer-to-peer LAN. ... Windows XP is *NOT* a server operating system ...
      (microsoft.public.fox.programmer.exchange)
    • Re: Windows peer-to-peer networking
      ... have a look at the Windows XP Peer-to-Peer Software ... look at the Graph Chat and Group Chat samples. ... Please do not send email directly to this alias. ...
      (microsoft.public.win32.programmer.networks)
    • Re: VFP 9.0 cant see mapped network drive
      ... Windows 7 64 bit Ultimate. ... VFP 9.0 has no trouble seeing the data from the XP machines but VFP 9.0 ... Having said that, mixed Windows versions in a peer-to-peer LAN has never been a recipe for success, nor has sharing VFP data on a:peer-to-peer LAN. ... Windows XP is *NOT* a server operating system ...
      (microsoft.public.fox.programmer.exchange)