Hi Jens
As Peter mentioned, the deliverable D4.4 of the PEPITO Project
(http://www.sics.se/pepito/D4.4/d44_report.pdf) contains the main
information about security concerning the DSS, which is the middleware
that will provide the support for distribution in our integration with
the Mozart system.
What is basically provided is the communication between two nodes
without involving a third party. A DSS-node needs a correct DSite
representation of another DSS-node to communicate with it. Those DSite
representations are created by each DSS-node and can be passed as
unforgeable references.
The communication can be done using an encrypted channel. The encrypted
communication is established after a few exchanges of public keys... at
the moment, only RSA1 algorithm is supported... which is not
particularly good, but it was used for testing the architecture. This is
actually a component that can be replaced by another one without big
effort (In fact, Raph Collet removed it to do some other tests, and he
said that it was not particularly painful).
Boriss
Peter Van Roy wrote:
Jens Grabarske wrote:
Hi, everybody!
We are nearing the first milestone of my project and, full of pride, I
showed my project director all the cool stuff I built with Mozart. I
didn't fail to praise how incredibly easy the distribution system
works, how simple it was to let prospective computation servers look
for their master using Discovery and the like. He was very pleased.
And then he asked about security.
"Ah, well. Yes. There's something like an SSL patch for the Mozart
interfaces, but it's not EXACTLY secure." I admitted, quoting what I
had read on the project page. "So the system currently opens several
ports to communicate with the other machines - and everything is going
on unencrypted?" - "Yepp."
And then his face turned green.
Well. Not literally. We already considered IPSec as an option to
secure what Oz can't anyway. But the crucial question is: can we do
better? (Well, helping you guys with the SSL patch for Oz would
actually be an option, but aside from that?) Is there some way to
waterproof the connections between different Oz engines? Do you guys
have similar problems on your projects and how do you solve them? Is
there any way to restrict certain communications (either from the
distribution subsystem or the Discovery-thingy) to certain network
interfaces?
Thanks for your answers and have a nice weekend,
Jens
(who'll be on vacation next week, so don't be upset if I don't answer
back right away...)
Dear Jens,
We have done some experiments with adding security to the distribution
system of Mozart, but nothing has made it into the release yet. You
should check out deliverables D4.3 and D4.4 of the PEPITO project, which
report on the results (see http://www.sics.se/pepito/deliverables.html).
We are also working on a secure version of the Oz language
(provisionally called 'Oz-E', see
http://www.info.ucl.ac.be/people/PVR/oze.pdf). All of this is still
'on the drawing board'.
You can see that SSL is a good option in the short term (maybe submit a
MEP?)!
Boris Mejias is completing the work on Erik Klintskog's DSS
(Distribution Subsystem), which should make it into the next release.
Maybe he can say a few words on security in the DSS.
Peter