('binary' encoding is not supported, stored as-is) In-Reply-To: <3f326166.1798.0at_private> Hi Will, >I have been researching corba and corba security as a hobbie recently. Corba >security seems to be solid from the omg corba security services 1.8 manual (only >got through half of that spec so far). > >does corba have any security flaws that could be improved or are worth a research >investigation? > Caveat: I haven't used corba in a looong time. An open(ish) protocol like CORBA is probably at least pretty well designed. There are counter-examples to this thinking, but not very many, and most are older protocols which show their age (TCP). If you want to break CORBA there's no sense in trying to attack the protocol, imho. These protocols which glue components together like COM/DCOM or CORBA bind together pieces of code that are just as likely to be poorly written as anything else. Perhaps the protocol works, but a specific vendor's ORB's implementation of say, IIOP, is just as likely to be buggy as anything else. Not to mention the specific objects you can communicate with. Take all the ActiveX vulns out there for instance... Sure you can add authentication, ACLs, encrypted transport, etc. That stuff is a great help, but it will always depend on how well everything is implementated. And, far as I can tell, the OMG is designing all this security goo to be technology neutral; CSIv2 and the Security Service are just components who's strength is entirely dependant on something like SSL for secure transport and authentication. It's much easier to design a secure protocol then to build a secure implementation of something. How useful is all the complex ACL goo in NT when a simple bug in the implementation of IIS or RPC leaves the door swinging open in the breeze... My $2*10^-2, FWIW. Cheers, ~ol
This archive was generated by hypermail 2b30 : Fri Aug 08 2003 - 15:09:14 PDT