Project

General

Profile

Feature #7374

Authentication and Authorization in the Messaging Server

Added by Elliott McCrory about 5 years ago. Updated almost 5 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
-
Start date:
11/24/2014
Due date:
% Done:

100%

Estimated time:
Duration:

Description

At this time, a Display will do anything it is told to do by anybody. A more robust implementation would assure that the origin of the message and the content of the message is appropriate. It is not hard to imagine a malicious user who logs into the messaging server using a bit of software of his/her making and then tells the Displays to put up (ahem!) inappropriate web sites.

The system has a built-in mechanism for determining authorization ("Public", "Experiment" and "XOC").

It all boils down to inventing a mechanism for authentication.

It seems that authentication for instances of the software that run on known machines in known places is acceptable.

History

#1 Updated by Elliott McCrory about 5 years ago

Elliott McCrory wrote:

At this time, a Display will do anything it is told to do by anybody. A more robust implementation would assure that the origin of the message and the content of the message is appropriate. It is not hard to imagine a malicious user who logs into the messaging server using a bit of software of his/her making and then tells the Displays to put up (ahem!) inappropriate web sites.

The system has a built-in mechanism for determining authorization ("Public", "Experiment" and "XOC").

It all boils down to inventing a mechanism for authentication.

It seems that authentication for instances of the software that run on known machines in known places is acceptable.

Actually, I am thinking now that each message can be signed using java.security.Signature and java.security.SignedObject. The public keys of each actor can be stored in the database.

But we need a way to authorize each actor. The actors are programs (each Display, the Messaging Server) and people (ChannelSelector). Some ChannelSelectors (e.g., the one in the ROC) can be automatically authorized. So, what do I do? Do we need a login? (Yuck!) Or is it sufficient to authenticate an instance of ChannelSelector by the PC it is run on?

#2 Updated by Elliott McCrory almost 5 years ago

  • % Done changed from 0 to 100

#3 Updated by Elliott McCrory almost 5 years ago

  • Status changed from New to Closed


Also available in: Atom PDF