Secure Persistent Object Systems
Andreas Rudloff (1/92-10/96)
Goal
The goal of this Tycoon subproject called NoSPY (Network oriented
Secure Persistent Activities) is to integrate security aspects of authentication
and authorization as an orthogonal property into the Tycoon System. It
uses the view of Tycoon as a system construction tool box. Since Tycoon
is targeted to distributed applications security support is necessarily
required.
The integration process will be done on at least two levels. On the
level of the Tycoon libraries all security abstractions are implemented
in TL-libraries (may be covering external services). This includes also
authorization models. In the development process of a security relevant
application the pure application functionality including the choosen communication
support could be freely combined with the security components.
This approach needs some support from the level of the Tycoon kernel
system in order to guarantee the enforcement of security functionality
integrated in the described Add-On style. For this a secure version of
the Tycoon virtual machine containing security concepts tailored to the
needs of enforcing security of Add-On components will be developped.
Work Items
- 10/93-12/93, Andreas Rudloff
- A Gateway to Post Office Protocol. It allows sending and receiving
e-mails by applications written in TL.
- 2/94-10/94, Andre Willomat,
- Implementation of a Tycoon socket library as a basic tool box for communication
in TL applications.
- 11/94-11/95, Andre Willomat [Info],
- Implementation of a Tycoon gateway to Kerberos, the most popular symetric
key based authentication protocol.
- 1/94-10/94, Andreas Rudloff, [RMS94]
- Development of an initial architecture for a security supporting Tycoon
programming environment.
- 11/94-12/95, Andreas Rudloff
- Tycoon machine extensions required to guarantee the enforcement of
security components implemented in TL-libraries.
- 9/95-12/95, Michael Skusa, [Info]
- A Gateway to the Pretty Good Privacy (PGP) System, which is a very
popular public key based authentication system.
- 12/95-?, Andre Willomat, [Info]
- Development of a secure Tycoon mail toolkit based on exisiting communication
and authentication libraries.
- 12/95-12/96, Thomas Kaß, [Info]
- Development of a Tycoon authorization library based on concepts of
object oriented access control models
Demonstrations
public Tycoon server
PGP key server written in TL
Usage of Tycoon authorization libraries
Andreas Rudloff, (21-oct-96)