Publisher's Synopsis
Curious hospital staff peeking at medical records of famous people. Snoopers grabbing passwords and traveling from machine to machine across a private network. Practical jokers changing documents under the noses of their authors.

These stories are scary, and they really do happen. Computer security affects all of us, not just banks or military sites. And security is particularly critical in network applications, since an outsider can so easily gain network access and pose as a trusted user.

Here lies one of the greatest strengths of the Distributed Computing Environment (DCE) from the Open Software Foundation (OSF). DCE offers the most complete, flexible, and well-integrated network security package in the industry. The only problem is learning how to program it.

Actually, DCE security is not that difficult -- you just have to understand the reasons for it and what is expected of you as the applications programmer. There's a lot of code to write, but the tasks are straightforward once you have designed your application.

The heart of DCE security lies in Access Control Lists (ACLs). But before you start to play with these, you have to do some design work. For instance, ACLs need to be stored on disk so that they can last between runs of the application.

This book helps you plan your application and lay the groundwork for ACLs, as well as use the calls that come with the DCE security interfaces. It covers the purpose of DCE security, how the whole system fits together, what is required of the programmer, and how to figure out what needs protecting in an application. Using a sample application, increasingly sophisticated types of security are discussed:
- Authenticating and authorizing the client and server.
- Using ACLs for authorization.
- The notorious, dreaded ACL manager -- which isn't so hard to write after all.

This book focuses on version 1.0 of DCE. However, issues in version 1.1 are also discussed so you can migrate to that interface.