Java Enterprise Multilevel Access - PowerPoint PPT Presentation

About This Presentation
Title:

Java Enterprise Multilevel Access

Description:

Can a single sign-on realize multilevel security? ... Dell Optiplex GX620. Intel (R) Pentium (R) CPU 3.20GHz, 3.19 GHz, 3.50 GB of RAM ... – PowerPoint PPT presentation

Slides: 33
Provided by: patric219
Learn more at: http://www.cs.uccs.edu

Transcript and Presenter's Notes

Title: Java Enterprise Multilevel Access


1
Java Enterprise Multilevel Access
JEEMA Web Portal
In partial fulfillment of the requirements
for a Masters of Science Computer Science
Presented by Patrick D. Cook
for
Dr. Edward Chow, Dr. Charlie Shub, Dr. Jugal Kalita
2
Outline
  • Project goals
  • Background
  • JEEMA
  • Performance
  • Reliability
  • Challenges
  • Lessons Learned
  • Conclusion
  • Demo

3
Project Goals
  • Can a single sign-on realize multilevel security?
  • Investigate Portlet Technology, in particular
    Java Specification Request (JSR)168, to determine
    if it would facilitate sharing data, at different
    security levels
  • Avert the information flow problem, i.e. use a
    single sign-on to access multiple levels of
    classified resources without compromising the
    multilevel security policy.

4
Background
  • Related work, Rationale, Design decisions

5
Related Work
  • Portals, Portlets and IPC
      • Michelle Osborne (2006)
      • Rebecca Twigg (2006)
  • Single Sign-on
      • Yale University
      • UCCS

6
Rationale and Relevance
  • The events of September 11, 2001, which spawned
    the 9/11 Commission's report
  • Hurricanes Katrina and Rita in 2005
  • Personal experiences
      • Military: United States Army Battle Staff
      • Lockheed Martin Integrated Systems and Solutions
      • Raytheon Intelligence and Information Systems

7
J2EE vs. .NET
  • When it comes to building distributed web
    applications which can interoperate seamlessly
    between components in a platform-neutral way,
    there are two leading technologies competing for
    your vote: J2EE and .NET (pronounced dot NET).

8
.NET
  • .NET is a Microsoft centric approach that runs on
    Windows platforms but does not fully comply with
    other operating systems.
  • .NET is still in its infancy with respect to Java
    and has not reached its tipping point with many
    vendors.

9
J2EE
  • J2EE is a platform-independent solution that uses
    the Java programming language and provides
    support for major operating systems
  • J2EE is widely supported amongst major vendors
  • W.O.R.M: Write once, run many times

10
J2EE Application Servers
  • BEA WebLogic
  • IBM Websphere
  • SunOne Portal Server
  • JBOSS

11
Java Portals
  • A Java portal is a J2EE conformant technology
    which aggregates resources from disparate systems
    into a common operating environment over the web.
    It generally allows individualized customization,
    facilitates single sign-on authentication and is
    designed to run on multiple platforms [JSR168].

12
Portlets
  • Portlets are web components that generate dynamic
    content in an autonomous fashion. The autonomy
    is generated by markup fragments such as HTML,
    XHTML, or XML, but the aggregation of the
    fragments is managed by a portlet container.

13
Portlet Container
  • In general, a container is software that provides
    out-of-the-box services which developers can
    leverage for initialization, creation, and
    deletion, as well as resource and dependency
    management [JBOSSP].

14
JSR 168
  • Java Specification Request 168, originally
    released in October 2003, provides the blueprint
    for developing portal components.
  • Portlet Application Program Interface (API)
      • Portlet
      • PortletConfig
      • GenericPortlet

15
JEEMA
  • Java Enterprise Edition Multilevel Access
  • Web Portal

16
What is JEEMA?
  • JEEMA, Java Enterprise Edition Multilevel Access,
    is an acronym for a Java 2 Enterprise Edition
    (J2EE) compliant web portal that champions
    portlet technology to facilitate single sign-on
    authentication to access resources with multiple
    security levels
  • JEEMA is based on the Java 2 Platform, Standard
    Edition, which adheres to the Java programming
    language and libraries

17
(No Transcript)
18
JEEMA Test bed Specifications
  • Dell Optiplex GX620
  • Intel (R) Pentium (R) CPU 3.20GHz, 3.19 GHz
  • 3.50 GB of RAM
  • Physical Address Extension

19
System Specifications
  • Microsoft Windows XP
      • Professional Version 2002
      • Service Pack 2
  • Internet Explorer 6.0.2900.2180.xpsp.050622-1524
  • BEA WebLogic Workshop
      • Version 8.1.5
      • Build 2005.0921.20042

20
JEEMA implementation of SSO
  • WebLogic Portal Administration
  • http://128.198.61.179:7001/portalAppAdmin/

21
JEEMA implementation of IPC
  • Java Messaging Service APIs
  • Uses the listenTo attribute in establishing
    interportlet communications.
  • Whenever a portlet is added to a portal, it
    creates an instance; this instance has an
    instance label which other portlets listen to.
22
Client Request
23
JSP
    <body>
      <netui:form action="getMessage">
        <netui:textBox dataSource="text"/>
        <netui:button>Submit</netui:button>
      </netui:form>
    </body>

24
TopSecretController.jpf
    /**
     * @jpf:action
     * @jpf:forward name="simpleForm" path="topSecret.jsp"
     */
    protected Forward getMessage( Form form )
    {
        try {
            // hand the message to the JMS publisher
            publisher.writeMessage(message);
        } catch(Exception e) {
            e.printStackTrace();
        }
        // return to the form page whether or not publishing succeeded
        return new Forward( "simpleForm" );
    }

25
JMS
    // JNDI context and names used to reach the JMS topic on the local WebLogic server
    private InitialContext jndi = null;
    private String TOPIC = "jmsTopic";
    private String JNDI_CONNECTION_FACTORY =
        "weblogic.jndi.WLInitialContextFactory";
    private String JMS_CONNECTION_FACTORY =
        "weblogic.jms.ConnectionFactory";
    private String APPLICATION_PROVIDER_URL =
        "t3://localhost:7001";
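
Added example, not from the presentation and not JEEMA code: an in-memory model of a label check on the topic-based inter-portlet channel described on the IPC and JMS slides, so that a message published at one level never reaches a listener with a lower clearance. The Level enum, the Listener and LabeledTopic types, the instance labels and the delivery rule are assumptions for illustration (the slides do not show how JEEMA enforces its policy); it needs Java 16 or later.

```java
import java.util.*;

// Added illustration; all names and the delivery rule are assumptions, not JEEMA code.
public class LabeledTopicDemo {
    // Declared low to high, so compareTo() gives the dominance relation.
    enum Level { UNCLASSIFIED, SECRET, TOP_SECRET }

    // A listening portlet, identified by its instance label, with a clearance.
    record Listener(String instanceLabel, Level clearance, List<String> inbox) {
        Listener(String instanceLabel, Level clearance) {
            this(instanceLabel, clearance, new ArrayList<>());
        }
    }

    static class LabeledTopic {
        private final List<Listener> listeners = new ArrayList<>();
        private final List<String> audit = new ArrayList<>();

        void subscribe(Listener l) { listeners.add(l); }

        // Deliver only to listeners whose clearance dominates the message label;
        // each withheld delivery is recorded so the denial can be reviewed.
        int publish(String text, Level classification) {
            int delivered = 0;
            for (Listener l : listeners) {
                if (l.clearance().compareTo(classification) >= 0) {
                    l.inbox().add(text);
                    delivered++;
                } else {
                    audit.add("withheld " + classification + " message from " + l.instanceLabel());
                }
            }
            return delivered;
        }

        List<String> audit() { return audit; }
    }

    public static void main(String[] args) {
        LabeledTopic topic = new LabeledTopic();
        Listener ts = new Listener("topSecret_1", Level.TOP_SECRET);   // constructed labels
        Listener s = new Listener("secret_1", Level.SECRET);
        Listener u = new Listener("unclassified_1", Level.UNCLASSIFIED);
        for (Listener l : List.of(ts, s, u)) topic.subscribe(l);

        topic.publish("constructed unclassified text", Level.UNCLASSIFIED);
        topic.publish("constructed top secret text", Level.TOP_SECRET);
        for (Listener l : List.of(ts, s, u))
            System.out.println(l.instanceLabel() + " inbox: " + l.inbox());
        topic.audit().forEach(System.out::println);
    }
}
```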

26
Performance
  • The portlets contained the same content, but the
    number of portlets was doubled for each iteration
    (i.e. 4 portlets, 8 portlets, 16 portlets, 64
    portlets).

27
JEEMA Reliability
  • The reliability of the system, R(m), is measured
    in terms of its ability to deliver reliable
    messages to its recipients as portlets increase
    within a web portal.
  • This can be defined mathematically as
    R(m) = p/m, where p is equal to the number of
    reliable messages and m is the total number of
    messages.

28
Lessons Learned
  • The challenges related to remote development
    (The virtual team)
  • Black Box Coding
  • Implementing JMS on SunOne and JBoss
  • JNDI
  • Asynchronous Communication

29
Future Work
  • Integration with WSRP 2.0
  • Use XACML Decision Points
  • Asynchronous Java and XML (AJAX) methodologies

30
Conclusion
  • A single sign-on can realize multilevel
    security
  • The technology is not mature enough in its
    current form for an enterprise solution that is
    used for National Security
  • It does provide a stepping stone toward upward
    mobility in MLS solutions

31
Questions
32
Backup
  • Control Tree
  • JMS Configuration