From: Rudolf Schreiner (rasat_private)
Date: Tue May 12 1998 - 05:11:27 PDT

  • Next message: Stout, William: "RE: PPTP (again)"

    On Mon, 11 May 1998, Bennett Todd wrote:
    > The over-the-wire protocol our developers were proposing to use was
    > related to CORBA (I don't know for sure if CORBA actually specifies the
    > network protocol, of if it's just another API spec). 
    CORBA's normal over-the-wire protocol is IIOP. IIOP is specified by the OMG 
    to ensure interoperability between ORBs.
    > The datbase backend
    > was ODBC<==>CORBA. I stated that (a) database implementations are huge,
    > complex, and never designed with security as a goal; (b) there were no
    > security provisions available in any implementation we could find of the
    > proposed protocol; 
    Until recently security was not CORBA's strong side. You had to implement 
    it by yourself. Now many vendors support IIOP over SSL and some even the 
    new security service.
    > and (c) we could find no proxy that gave fine-grained
    > control of the requests it would be willing to forward.
    Some "CORBA proxies" are really weak about security, e.g. they tunnel 
    IIOP in HTTP without any access control or  you have to use a filtering 
    router to limit access. The problem is that now there is no CORBA firewall 
    standard, just some proposals. IMHO the best is the submission based on IONA's 
    Wonderwall. The Wonderwall is a full IIOP proxy and supports filtering 
    based on request header information. Filtering based on the request body 
    is impossible because the proxy doesn't know the interface definition.
    Another possibility is writing your own customized proxy. It's flexible 
    and not very difficult, but an ORB is a big piece of complex OO software. 
    Running such a huge proxy on a firewall without additional protection 
    doesn't give me a good feeling.
    > Based on these
    > limitations we ended up replicating the data out onto a sacrificial
    > machine in the DMZ, sanitizing it as best we could, and protecting that
    > machine the best we could with the screening router.
    Now some companies use CORBA in security sensitive areas and over 

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:59:07 PDT