CORBA Security: An Introduction to Safe Computing with Objects
The CORBAsecurity specification adopted by the Object Management Group (OMG) represents a major step forward in making object technology suitable for business application development. The specification document, however, is long, detailed, and complex; it is a time-consuming task for software developers to make their way through it, and it is inaccessible to CIOs and other technical managers who need to understand object security and its impact on their organizations.
"CORBA Security" provides a readable and less technical overview of the specification and a guide to the security of object systems. Written from a policy point of view, the book will help you decide what security policies are appropriate for your organization and evaluate the object-based security options that can help you manage those policies.
For those unfamiliar with basic security and object technology concepts, clear introductions to these topics will bring you up to speed. The book also provides a list of questions you can ask your secure object system vendor-questions that will get behind the jargon and acronyms and give you the information you need to determine just how safe the product really is.
Readers will get an in-depth look at each element of computer security and how the CORBAsecurity specification fulfills each of these security needs. Topics covered include identification, authentication, and privilege; access control; message protection; delegation and proxy problems; auditing; and, non-repudiation. The author also provides numerous real-world examples of how secure object systems can be used to enforce useful security policies.