论文信息 - Distributed component architectures security issues

Distributed component architectures security issues

Enterprise information systems and e-commerce applications are tightly integrated in today's modern enterprises. Component architectures are the base for building such multitier distributed applications. This paper examines the security threats those systems must confront and the solutions proposed by major existing component architectures. A comparative evaluation of both security features and implementation issues is carried out to determine each architecture's strong points and drawbacks.

[1] Alan O. Freier,et al. The SSL Protocol Version 3.0 , 1996 .

[2] Carlisle M. Adams. The Simple Public-Key GSS-API Mechanism (SPKM) , 1996, RFC.

[3] Danielle Voeller Bird. Building Secure Microsoft ASP.NET Applications , 2003 .

[4] Stephen Farrell,et al. The SESAME V5 GSS-API Mechanism , 1996 .

[5] Charles Adams,et al. Understanding Public-Key Infra-structure: Concepts, Standards, and Deployment Con-siderations , 1999 .

[6] Claus Pahl,et al. Security in the Web Services Framework , 2003, ISICT.

[7] Ulrich Lang,et al. Developing Secure Distributed Systems with CORBA , 2002 .

[8] John T. Kohl,et al. The Kerberos Network Authentication Service (V5 , 2004 .

[9] Ulrich Lang,et al. The Challenges of CORBA Security , 2000 .

[10] Joni da Silva Fraga,et al. Authorization schemes for large-scale systems based on Java, CORBA and Web security models , 1999, IEEE International Conference on Networks. ICON '99 Proceedings (Cat. No.PR00243).

[11] Mark O'Neill,et al. Web Services Security , 2003 .

[12] Konstantin Beznosov,et al. Enterprise Security with EJB and CORBA , 2001 .

[13] Diomidis Spinellis,et al. Component mining: a process and its pattern language , 2000, Inf. Softw. Technol..

[14] Benjamin J. Shannon,et al. Java 2 platform enterprise edition specification , 2001 .