REVIEW: "Developing Secure Distributed Systems with CORBA", Ulrich Lang/Rudolf Schreiner
From: Rob Slade, doting grandpa of Ryan and Trevor (rslade_at_sprint.ca)
Date: 02/26/04
- Next message: jealous xmp: "Re: Downloader.Pitux.A"
- Previous message: Me_at_home.here: "Re: Using Old OS for Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 26 Feb 2004 16:23:38 GMT
BKDSDSCO.RVW 20031201
"Developing Secure Distributed Systems with CORBA", Ulrich Lang/Rudolf
Schreiner, 2002, 1-58053-295-0, U$69.00/C$106.95
%A Ulrich Lang
%A Rudolf Schreiner
%C 685 Canton St., Norwood, MA 02062
%D 2002
%G 1-58053-295-0
%I Artech House/Horizon
%O U$69.00/C$106.95 617-769-9750 800-225-9977 fax: +1-617-769-6334
%O http://www.amazon.com/exec/obidos/ASIN/1580532950/robsladesinterne
http://www.amazon.co.uk/exec/obidos/ASIN/1580532950/robsladesinte-21
%O http://www.amazon.ca/exec/obidos/ASIN/1580532950/robsladesin03-20
%P 308 p.
%T "Developing Secure Distributed Systems with CORBA"
Chapter one is an introduction, but it very quickly gets into CORBA
(Common Object Request Broker Architecture) jargon, and C++ API calls.
The explanations could be written with more clarity for outsiders.
Security is first defined, in chapter two, in terms of restricting
access, but the authors are not clear about whether they are primarily
concerned with integrity or confidentiality. The material then goes
on to a good overview of security management basics and a very brief
outline of some security concerns in the CORBA environment. The lead-
in to the CORBA security architecture, in chapter three, is a lengthy
discussion of the benefits of flexibility, abstraction, and
simplicity: the authors then note that the CORBA architecture is not
simple. MICO, an open source CORBA compliant object request broker,
has a security component (MICOsec), and chapter four is dedicated
mostly to installation instructions. Chapter five looks at
programming CORBA level one security, using MICOsec and C++, while
chapter six takes a longer look at the more complex level two
requirements. CORBA security does have support for applications that
do not contain any security provisions (a rather interesting concept),
and these are reviewed in chapter seven.
CORBA security is not widely understood, and this work can assist both
those needing a conceptual idea of the system and those needing to
program with it.
copyright Robert M. Slade, 2003 BKDSDSCO.RVW 20031201
-- ====================== rslade@vcn.bc.ca slade@victoria.tc.ca rslade@sun.soci.niu.edu "If you do buy a computer, don't turn it on." - Richards' 2nd Law ============= for back issues: [Base URL] site http://victoria.tc.ca/techrev/ or mirror http://sun.soci.niu.edu/~rslade/ CISSP refs: [Base URL]mnbksccd.htm Security Dict.: [Base URL]secgloss.htm Security Educ.: [Base URL]comseced.htm Book reviews: [Base URL]mnbk.htm [Base URL]review.htm Partial/recent: http://groups.yahoo.com/group/techbooks/ Security Educ.: http://groups.yahoo.com/group/comseced/ Review mailing list: send mail to techbooks-subscribe@egroups.com or techbooks-subscribe@topica.com
- Next message: jealous xmp: "Re: Downloader.Pitux.A"
- Previous message: Me_at_home.here: "Re: Using Old OS for Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
