HP Labs Technical Reports
Click here for full text:
High Security Web Servers and Gateways
Edwards, Nigel; Rees, Owen
Keyword(s): world wide web; security; objects; CORBA; Java; multilevel security
Abstract: This paper describes a high security, high performance system for making legacy systems accessible to the web. It combines distributed object technology with a trusted operating system that implements multi-level security. The aim is to satisfy the growing demand for dynamic content generation, while providing a high level of protection against unauthorized access to the service. HP CORBAweb is a software infrastructure that allows access to CORBA applications from the web. HP VirtualVault is a secure environment for web applications. The paper gives overviews of both VirtualVault and CORBAweb, and describes the object gateway that merges the integration features of CORBAweb with the security of VirtualVault. The paper describe the authorization model that determines the granularity at which access is granted. It then goes on to explain how the system can be extended to allow remote clients, such as Java applets, to invoke the CORBA-based services directly, using the Internet Inter-ORB Protocol (IIOP). The object gateway is designed to be used to provide controlled access through a firewall protecting the servers. Some of the issues associated with firewalls around the clients are discussed at the end of the paper.
Back to Index