Date post: | 13-Jan-2016 |
Category: |
Documents |
Upload: | erick-mitchell |
View: | 213 times |
Download: | 0 times |
®
Gradient Technologies, Inc.Gradient Technologies, Inc.
Extending the Value of DCE Extending the Value of DCE
Open Group Members MeetingOpen Group Members MeetingSand Diego, CA USASand Diego, CA USA
April 1998April 1998
Brian BretonBrian Breton
@ 1998 Gradient Tecnologies, Inc.
AgendaAgenda• PC-DCEPC-DCE• NetCrusaderNetCrusader
• Object SecurityObject Security
• NetCrusader CommanderNetCrusader Commander
@ 1998 Gradient Tecnologies, Inc.
• PC-DCE for Windows NT/95 v2.1PC-DCE for Windows NT/95 v2.1
• PC-DCE for Windows 3.1 v1.1.1PC-DCE for Windows 3.1 v1.1.1
• Mac-DCE v2.0Mac-DCE v2.0
• SysV-DCE v1.1SysV-DCE v1.1– SCO UnixWareSCO UnixWare
– NCR MP-RASNCR MP-RAS
– Sequent Dynix/ptxSequent Dynix/ptx
PC-DCEPC-DCEProduct FamilyProduct Family
DCE for the DesktopDCE for the Desktop
@ 1998 Gradient Tecnologies, Inc.
PC-DCEPC-DCE• 100% OSF DCE compliant & compatible100% OSF DCE compliant & compatible
– Ported & developed for unique platformsPorted & developed for unique platforms
• Thinnest desktop clientThinnest desktop client– < 1.0 MB memory< 1.0 MB memory
• Configurable for many deployment needsConfigurable for many deployment needs– manual/remote installationsmanual/remote installations
– unattended installation with s/w distribution toolsunattended installation with s/w distribution tools
– download & rundownload & run
@ 1998 Gradient Tecnologies, Inc.
PC-DCE for Windows NT/95 v2.2PC-DCE for Windows NT/95 v2.2• Co-Authentication System Co-Authentication System
Security Dynamics Security Dynamics Two-factor authentication for DCE loginTwo-factor authentication for DCE login
Entrust PKIEntrust PKI Integrated Public Key/DCE authenticationIntegrated Public Key/DCE authentication
• Multi-Ethernet adapter support Multi-Ethernet adapter support – properly handle systems with multiple network properly handle systems with multiple network
connections to that segment network trafficconnections to that segment network traffic
• OSF DCE 1.2.1 basedOSF DCE 1.2.1 based
@ 1998 Gradient Tecnologies, Inc.
AgendaAgenda• PC-DCEPC-DCE
• NetCrusaderNetCrusader• Object SecurityObject Security
• NetCrusader CommanderNetCrusader Commander
@ 1998 Gradient Tecnologies, Inc.
CommonCommonAuthorization Authorization
ModelModel
NetCrusaderSecurity Server
Multiple Multiple AuthenticationAuthentication
MethodsMethods
Username/Password
Public-KeyCertificate
Two-FactorAuthentication
Customers
Partners
Employees
MultipleMultipleUserUser
PopulationsPopulations
Interoperating Across Security DomainsInteroperating Across Security DomainsMultiple Multiple
EncryptionEncryptionMethodsMethods
DES, RC4,RSA, CAST,
others
Object
Client/Server
Web-based
Multiple Application TypesMultiple Application Types
DistributedDistributedSecurity Security
ManagementManagement
NetCrusaderCommander
Heritage
@ 1998 Gradient Tecnologies, Inc.
NetCrusaderNetCrusaderSecurity ServerSecurity Server
Web browser
+ NetCrusaderNetCrusaderClientClient
Web browseronly
NetCrusader Web-based ArchitectureNetCrusader Web-based ArchitectureMicrosoft/Netscape/Oracle
Web Server(NT, Solaris, AIX, HP-UX)
NetCrusaderNetCrusaderCommanderCommander
ISAPI/NSAPIApplications
ProtocolFilter
Entrust/HTTP;DCE/HTTP
SSL NetCrusader Security Adapter
Username/Passwordor Public-Key Certificate
NetCrusaderCredentials
AccessPermissions
Two-factor(optional)
Two-factor(optional)
Delegationto backendresources
@ 1998 Gradient Tecnologies, Inc.
NetCrusaderNetCrusaderSecurity ServerSecurity Server
Web browser
+ NetCrusaderNetCrusaderClientClient
Web browseronly
NetCrusader Junction SupportNetCrusader Junction SupportMicrosoft/Netscape/Oracle
Web Server(NT, Solaris, AIX, HP-UX)
NetCrusaderNetCrusaderCommanderCommander
ISAPI/NSAPIApplications
ProtocolFilter
Entrust/HTTP;DCE/HTTP
SSL
Username/Passwordor Public-Key Certificate
NetCrusaderCredentials
AccessPermissions
Two-factor(optional)
Two-factor(optional)
Delegationto additionalweb servers
Security Adapter w/ Junction Support
@ 1998 Gradient Tecnologies, Inc.
AgendaAgenda• PC-DCEPC-DCE
• NetCrusaderNetCrusader
• Object SecurityObject Security
• NetCrusader CommanderNetCrusader Commander
@ 1998 Gradient Tecnologies, Inc.
Client ORBClient ORB Server ORBServer ORB
Orbix RT
PC-DCE RTPC-DCE RT
Orbix RTIIOP
OrbixSecurity OrbixSecurity
DCEDCESecurity Security ServicesServices
PC-DCE RTPC-DCE RTCORBA Security (Level 1)
PC-DCE/OrbixSecurity IntegrationPC-DCE/OrbixSecurity Integration
@ 1998 Gradient Tecnologies, Inc.
PC-DCE/OrbixSecurity BenefitsPC-DCE/OrbixSecurity Benefits• Proven enterprise security for object-based Proven enterprise security for object-based
applicationsapplications– No modifications required (Level 1)No modifications required (Level 1)
• Consistent security model across all tiers in Consistent security model across all tiers in the distributed environment the distributed environment
• Single, standardized interface for managing Single, standardized interface for managing access privileges access privileges
• Simplified security managementSimplified security management
@ 1998 Gradient Tecnologies, Inc.
Secure CORBA AccessSecure CORBA Access
Two-factorAuthentication
(optional)
NetCrusaderNetCrusaderSecurity ServerSecurity Server
NetCrusaderNetCrusaderCommanderCommander
CORBAApplication
Server(s)
C++, Java
CORBAApplication
Client(s)
C++, Java•Oracle•Sybase
•OrbixOTS•VisiBrokerOTM
•Tuxedo•Custom
CORBA Resources
UNIXWindows NT
•Encina•CICS
•Oracle•Sybase
•IMS•Custom
MainframeUNIX
Windows NT
DCE Resources
@ 1998 Gradient Tecnologies, Inc.
Secure Java AccessSecure Java Access
NetCrusaderNetCrusaderSecurity ServerSecurity Server
Web browser
NetCrusaderNetCrusaderCommanderCommander
CORBAApplication
Server(s)
Two-factorAuthentication
(optional)Java
Applet
C++, Java
•Oracle•Sybase
•OrbixOTS•VisiBrokerOTM
•Tuxedo•Custom
CORBA Resources
UNIXWindows NT
•Encina•CICS
•Oracle•Sybase
•IMS•Custom
MainframeUNIX
Windows NT
DCE Resources
@ 1998 Gradient Tecnologies, Inc.
AgendaAgenda• PC-DCEPC-DCE
• NetCrusaderNetCrusader
• Object SecurityObject Security
• NetCrusader CommanderNetCrusader Commander
@ 1998 Gradient Tecnologies, Inc.
Distributed Security ManagementDistributed Security Management
• Graphical management of users and groupsGraphical management of users and groups
@ 1998 Gradient Tecnologies, Inc.
NetCrusader Commander v3.2NetCrusader Commander v3.2• DCEDCE User/Group & ACL Management User/Group & ACL Management
– NetC & DCE share User/Group informationNetC & DCE share User/Group information
– CDS object ACL managementCDS object ACL management
• X.500 Browser to LDAP server for PKX.500 Browser to LDAP server for PK– browse an X.500 database with stored PK certs browse an X.500 database with stored PK certs
to view certificate distinguished name (DN)to view certificate distinguished name (DN)
– select via point & click to register the DN for the select via point & click to register the DN for the accountaccount
@ 1998 Gradient Tecnologies, Inc.
Industry PerspectivesIndustry Perspectives• Winner of Winner of Crossroads 98 A-List Crossroads 98 A-List
Award Award for technology for technology infrastructureinfrastructure
• Two Two Best-of-ShowBest-of-Show awards at awards at1997 Internet Commerce Expo1997 Internet Commerce Expo
• Finalist for Open Group 1997 Finalist for Open Group 1997 UniversaUniversa Award Award
®
NetCrusaderSecurity SolutionsSecurity Solutionsfor the Enterprisefor the Enterprise
Gradient Technologies, Inc.Gradient Technologies, Inc.2 Mount Royal Avenue2 Mount Royal AvenueMarlborough, MA 01752 USAMarlborough, MA 01752 USA+1 508 624 9600+1 508 624 9600
http://www.gradient.com/http://www.gradient.com/