Date post: | 31-Dec-2015 |
Category: |
Documents |
Upload: | calista-schneider |
View: | 23 times |
Download: | 0 times |
Java Enterprise Multilevel Access“JEEMA”
Web PortalIn partial fulfillment of the requirements
for a Masters of Science Computer Science
Presented by
Patrick D. Cookfor
Dr. Edward Chow Dr. Charlie ShubDr. Jugal Kalita
Patrick Cook JEEMA 2
Outline• Project goals• Background• JEEMA• Performance• Reliability• Lessons Learned• Conclusion• Demo
Patrick Cook JEEMA 3
Project Goals• Can a single sign-on realize multilevel security?• Investigate Portlet Technology, in particular Java
Specification Request (JSR)168, to determine if it would facilitate sharing data, at different security levels
• Avert the information flow problem, i.e. use a single sign on to access to multiple levels of classified resources, without compromising the multilevel security policy.
Background
Related work, Rationale, Design decisions
Patrick Cook JEEMA 5
Related Work
• Portals, Portlets and IPC– Michelle Osborne (2006)– Rebecca Twigg (2006)
• Single Sign-on – Yale University– UCCS
Patrick Cook JEEMA 6
Rationale and Relevance
• The events on September 11, 2001 which spawned the 9/11 commissions report
• Hurricane Katrina and Rita in 2005• Personal experiences
– Military United States Army Battle Staff– Lockheed Martin Integrated Systems and Solutions– Raytheon Intelligence and Information Systems
Patrick Cook JEEMA 7
J2EE vs. .NET
• When it comes to building distributed web applications which can interoperate seamlessly between components in platform-neutral way there are two leading technologies competing for your vote, J2EE and .NET (pronounce “dot NET”).
Patrick Cook JEEMA 8
.NET
• .NET is a Microsoft centric approach that runs on Windows platforms but does not fully comply with other operating systems.
• .NET is still in its infancy with respect to Java and has not reached its “tipping” point with many vendors.
Patrick Cook JEEMA 9
J2EE
• J2EE is a platform-independent solution that uses the Java programming language and provides support for major operating systems
• J2EE is widely supported amongst major vendors
• W.O.R.M– Write once run many times
Patrick Cook JEEMA 10
J2EE Application Servers
• BEA WebLogic
• IBM Websphere
• SunOne Portal Server
• JBOSS
Patrick Cook JEEMA 11
Java Portals
• A Java portal is a J2EE conformant technology which aggregates resources from disparate systems into a common operating environment over the web. It generally allows individualized customization, facilitates single sign-on authentication and is designed to run on multiple platforms [JSR168].
Patrick Cook JEEMA 12
Portlets
• Portlets are web components that generate dynamic content in an autonomous fashion. The autonomy is generated by markup fragments such as HTML, XHTML, or XML, but the aggregation of the fragments are managed by a portlet container.
Patrick Cook JEEMA 13
Portlet Container
• In general, a container is software that provides “out of the box” services which developers can leverage for initialization, creation, and deletion, as well as, resource and dependency management [JBOSSP].
Patrick Cook JEEMA 14
JSR 168
• Java Specification Request 168, originally released in October 2003, provides the blueprint for developing portal components.
• Portlet Application Program Interface (API)– Portlet – PortletConfig – GenericPortlet
JEEMA
Java Enterprise Edition Multilevel Access
Web Portal
Patrick Cook JEEMA 16
What is JEEMA?• JEEMA, Java Enterprise Edition Multilevel
Access, is an acronym for a Java 2 Enterprise Edition (J2EE) compliant web portal that champions portlet technology to facilitate single sign-on authentication to access resources with multiple security levels
• JEEMA is based on the Java 2 Platform, Standard Edition, which adheres to the Java programming language and libraries
Patrick Cook JEEMA 17
Patrick Cook JEEMA 18
JEEMA implementation of SSO
• WebLogic Portal Administration– http://128.198.61.179:7001/portalAppAdmin/
Patrick Cook JEEMA 19
JEEMA implementation of IPC
• Java Messaging Service API’s
• Uses the “listenTo” attribute in establishing interportlet communications.
• Whenever a portlet is added to a portal, it creates an “instance” this instance has an instance label which other portlets listen to
Patrick Cook JEEMA 20
Client Request
Patrick Cook JEEMA 21
JSP
<body>
<netui:form action="getMessage">
<netui:textBox dataSource="text"/>
<netui:button>Submit</netui:button>
</netui:form>
</body>
Patrick Cook JEEMA 22
TopSecretController.jpf /** * @jpf:action * @jpf:forward name="simpleForm“ path="topSecret.jsp" */ protected Forward getMessage( Form form ) {
String message = form.getText(); try
{ publisher.writeMessage(message); } catch(Exception e) { e.printStackTrace(); }
return new Forward( "simpleForm" ); }
Patrick Cook JEEMA 23
JMS
private InitialContext jndi = null;
private String TOPIC = "jmsTopic";
private String JNDI_CONNECTION_FACTORY = "weblogic.jndi.WLInitialContextFactory";
private String JMS_CONNECTION_FACTORY = "weblogic.jms.ConnectionFactory ";
private String APPLICATION_PROVIDER_URL = "t3://localhost:7001";
Perfomance
System Specifications, Testbed Specifications, Results
Patrick Cook JEEMA 25
System Specifications
• Microsoft Windows XP – Professional Version 2002– Service Pack 2
• Internet Explorer 6.0.2900.2180.xpsp.050622-1524
• BEA WebLogic Workshop– Version 8.1.5 – Build 2005.0921.20042
Patrick Cook JEEMA 26
JEEMA Test bed Specifications
• Dell Optiplex GX620 – Intel (R)– Pentium (R) – CPU 3.20GHz, 3.19 GHz,– 3.50 GB of RAM– Physical Address Extension
Patrick Cook JEEMA 27
Performance
• The portlets contained same content but was double for each iterations (i.e. 4 portlets, 8 portlets, 16 portlets…, 64 portlets).
IPC Performance
R2 = 0.9905
y = -0.0691x2 + 21.537x - 27.569
0
200
400
600
800
1000
1200
0 10 20 30 40 50 60 70
number of portlets
time
(mill
isec
onds
)
Patrick Cook JEEMA 28
JEEMA Reliability
• The reliability of the system, R (m), is measured in terms of its ability to deliver reliable messages to its recipients as portlets increase within a web portal.
• This can be defined mathematically as R(m) = p/ m, where p is equal to the number of reliable messages and m is the total number of messages.
Patrick Cook JEEMA 29
Lessons Learned
• The challenges related to remote development (“The virtual team”)
• Black Box Coding
• Implementing JMS on SunOne and JBoss– JNDI– “Asynchronous” Communication
Patrick Cook JEEMA 30
Future Work
• Integration with WSRP 2.0
• Use XACML Decision Points
• Asynchronous Java and XML (AJAX) methodologies
Patrick Cook JEEMA 31
Conclusion
• A single sign – on can realize multilevel security
• The technology is not mature enough in its current form for an enterprise solution that used for National Security
• It does provides a stepping stone toward upward mobility in MLS solutions
Patrick Cook JEEMA 32
Questions
Patrick Cook JEEMA 33
Backup
• Control Tree
• JMS Configuration