Apps Messaging: security
jontayler at gmail.com
Tue Apr 10 05:08:44 PDT 2007
On 10 Apr 2007, at 12:59, Mark Taylor wrote:
> On Fri, 6 Apr 2007, John Taylor wrote:
>> The question of applications spoofing one another has come up a
>> few times.
>> While I don't really believe it's a serious risk (those astronomers -
>> they're such jokers!), I set out below a simple modification to
>> the above
>> protocol that would make it more secure. This is based on
>> proposals by
>> Mark Taylor in discussions we had a year ago - if they don't make
>> any sense
>> then blame my faulty memory rather than Mark.
>> The register operation could be changed as follows:
>> (id, application-secret) = register*(hub-secret)
>> The hub-secret is a secret that can only be easily known by
>> running under the user's uid and is intended to defeat other users
>> on the
>> same machine who might try (e.g.) port scanning. For instance, it
>> could be
>> a random string written into the .ivoamsg file. The application-
>> secret is a
>> per-application secret that apps must keep track of and use along
>> with their
>> id to identify themselves. Thus, operations 2-8 would all include
>> this as
>> an extra parameter (though it wouldn't be transmitted to any
>> application by the hub.) This prevents Topcat pretending to be
>> Aladin and
>> vice versa (you guys!).
> I think this is what I proposed before, but if we're starting from
> scratch it can be a bit simpler: the register message is
> secret-id = register*(hub-secret)
> and the returned secret-id is used, as per your existing method
> signatures, as sender identification for every communication
> between the application and the hub, e.g.
> this application secret-id is never seen by any other application
> though. The hub will maintain a separate and parallel list of ids
> which serve as public identifiers for each application to use for
> instance as return values for the getApplicationIds() method.
Good point - I'll make that change. Can you think of a situation
where an application would need to know its own public-id?
> Mark Taylor Astronomical Programmer Physics, Bristol
> University, UK
> m.b.taylor at bris.ac.uk +44-117-928-8776 http://www.star.bris.ac.uk/
More information about the apps