Distributed System Annex and cross-domain applications

Distributed System Annex and cross-domain applications

[Florian Weimer]

To what extent is GNAT's implementation of the Distributed System
Annex suitable for cross-domain applications?

I'm not talking about military-grade security requirements, I'm just
wondering if it would be advisable to use it to, say, store both HR
data and data from customer-controlled machines to the same backup
server (assuming that the server side of the backup application
manages to keep the data separate 8-).

As one data point, I wouldn't trust Java RMI to match my security
requirements because it tends to involve mobile code.  (It is also
difficult to pass through firewalls, I think.)

Re: Distributed System Annex and cross-domain applications

[Maciej Sobczak]

On Apr 19, 8:40 pm, Florian Weimer <f...@deneb.enyo.de> wrote:
> To what extent is GNAT's implementation of the Distributed System
> Annex suitable for cross-domain applications?

What are "cross-domain applications"?

> As one data point, I wouldn't trust Java RMI to match my security
> requirements because it tends to involve mobile code.  (It is also
> difficult to pass through firewalls, I think.)

I still don't know what are "cross-domain applications" :-), but if
you even tried to consider Java RMI, then the following project might
be of interest to you:

http://www.inspirel.com/yami4/

Let me guess: by "cross-domain applications" you mean systems that
have to process data of various origins and the processing has to
respect the distinction between different data items. You are worried
that DSA or RMI might mix stuff on the way. YAMI4 might be a solution
in that it explicitly supports distinct message processing channels.
The isolation of communication paths can be managed not only at the
level of network connections, but even in terms of separate memory
partitions.
Is this what you expect?

--
Maciej Sobczak * http://www.msobczak.com * http://www.inspirel.com

Re: Distributed System Annex and cross-domain applications

[Florian Weimer]

* Maciej Sobczak:

> On Apr 19, 8:40�pm, Florian Weimer <f...@deneb.enyo.de> wrote:
>> To what extent is GNAT's implementation of the Distributed System
>> Annex suitable for cross-domain applications?
>
> What are "cross-domain applications"?

Applications which transfer data between different security domains.
An alternative view two (or more) otherwise separate systems
communicating with each other, where neither one trusts the other in
the sense that one system can break key security properties of the
other system.

(Other readers might give more accurate definitions.)

Re: Distributed System Annex and cross-domain applications

[Maciej Sobczak]

On Apr 20, 7:36 pm, Florian Weimer <f...@deneb.enyo.de> wrote:

> Applications which transfer data between different security domains.
> An alternative view two (or more) otherwise separate systems
> communicating with each other, where neither one trusts the other in
> the sense that one system can break key security properties of the
> other system.

I'm afraid this is too vague.

What properties of the middleware layer do you need?
Or, better, how do you recognize that the middleware layer does *not*
support the above expectations?

--
Maciej Sobczak * http://www.msobczak.com * http://www.inspirel.com