In this programming assignment, you will
develop an "object server" which stores information that is of interest
to a set of client nodes. Client nodes can request the server for a copy
of an object. The server can send the object confidentially or can
ensure that its integrity is maintained while it is transmitted.
To simplify the project, we will make two assumptions. First, we will
not worry about when and how the objects are created. The server can be
initialized with a set of objects. In addition to the data, each
object has an object identifier and a type (e.g., what kind of object it
is) as well as a security requirement. The security requirement can be
confidentiality, integrity or none. Confidential objects should not be
transmitted in the clear. For objects that require integrity,
an intruder should not be able to modify the object content. Objects that
have no security requirement do not need either of these guarantees.
The second assumption we make is to ignore access control. Thus, any client
may request an object and the server will provide the object to the client
according to the security requirements defined for the object.
You need to implement the server and a set of clients.
To meet the integrity and confidentiality needs, we will need to use cryptographic
functions. In particular, you should use the support provided by Java Crypto
API to achieve this goal. You should use public keys to encrypt information
when needed. This, however, creates the problem of how client public
keys are made known to the server. One way to build such a system is
to implement a primitive certification authority that issues certificates
that bind clients to their public keys. Thus, if client A makes a request,
the server can request A's public key and use it to encrypt the
object before sending it to the client. Similarly, keys
can be used to meet the integrity requirement.
As a first step, you should study the Java Crypto API and explore how it can
be used to build a system such as the one described above. Once you understand
this, you should come up with a design of the object server and the
certification authority. This design should include the major data structures
implemented by them as well as the interactions that they support with each
other. This should be followed by the actual implementation.
The clients can simply query the object server repeatedly and display what
objects are received and their sensitivity levels. A client specifies the
object it is interested in by supplying its object identifier. The sensitivity
level received in response determines whether the object is received in cipher
or plain text. You should program multiple clients and they should run on
different machines. Communication between the server, the certification
authority and the clients can be implemented either using Java RMI or sockets.
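As an added illustration, not part of the assignment or of any reference solution, the following Java sketch shows how the server could package one object according to its security requirement with the Java Crypto API, and how a client unpacks it. The class, record and method names, the choice of RSA-OAEP and SHA256withRSA, and the assumptions that the client's public key was obtained from the CA's certificate and that the server's public key is already known to clients are mine.

```java
import java.security.*;
import javax.crypto.Cipher;
// Added example, not the assignment's own code. Assumes Java 17+ and RSA key pairs; the client's
// public key is assumed to come from the CA's certificate, the server's to be known to clients.
public class ObjectServerExample {
    enum Requirement { NONE, INTEGRITY, CONFIDENTIALITY }
    record StoredObject(String id, String type, byte[] data, Requirement req) {}
    // Wire format: id, requirement, payload (plain or cipher), signature when integrity applies.
    record Envelope(String id, Requirement req, byte[] payload, byte[] signature) {}
    static final String OAEP = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";

    // Server side: package the object as its security requirement demands.
    static Envelope serve(StoredObject o, PublicKey clientKey, PrivateKey serverKey) throws GeneralSecurityException {
        if (o.req() == Requirement.CONFIDENTIALITY) {
            // Encrypt under the client's public key; only the matching private key can open it. Caveat:
            // RSA-OAEP with a 2048-bit key holds at most 190 bytes; larger objects need a hybrid scheme.
            Cipher c = Cipher.getInstance(OAEP);
            c.init(Cipher.ENCRYPT_MODE, clientKey);
            return new Envelope(o.id(), o.req(), c.doFinal(o.data()), null);
        }
        if (o.req() == Requirement.INTEGRITY) {
            // Send in the clear plus a signature under the server's private key.
            Signature s = Signature.getInstance("SHA256withRSA");
            s.initSign(serverKey); s.update(o.data());
            return new Envelope(o.id(), o.req(), o.data(), s.sign());
        }
        return new Envelope(o.id(), o.req(), o.data(), null); // NONE: plain and unsigned
    }

    // Client side: decrypt or verify as the envelope says; a bad signature is an error, not data.
    static byte[] receive(Envelope e, PrivateKey clientKey, PublicKey serverKey) throws GeneralSecurityException {
        if (e.req() == Requirement.CONFIDENTIALITY) {
            Cipher c = Cipher.getInstance(OAEP);
            c.init(Cipher.DECRYPT_MODE, clientKey);
            return c.doFinal(e.payload());
        }
        if (e.req() == Requirement.INTEGRITY) {
            Signature s = Signature.getInstance("SHA256withRSA");
            s.initVerify(serverKey); s.update(e.payload());
            if (!s.verify(e.signature())) throw new SecurityException(e.id() + ": modified in transit");
        }
        return e.payload();
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA"); kpg.initialize(2048);
        KeyPair server = kpg.generateKeyPair(), client = kpg.generateKeyPair();
        for (Requirement r : Requirement.values()) {   // demo all three sensitivity levels
            Envelope env = serve(new StoredObject("obj-1", "memo", "hello".getBytes(), r), client.getPublic(), server.getPrivate());
            System.out.println(r + ": " + env.payload().length + " wire bytes, signed=" + (env.signature() != null)
                    + ", client got '" + new String(receive(env, client.getPrivate(), server.getPublic())) + "'");
        }
    }
}
```

In a real deployment the Envelope would travel over RMI or a socket, and the client would obtain `clientKey` from its own key store and `serverKey` from the CA rather than from the same process.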
You have considerable flexibility in working out some
of the details (e.g., what kind of objects to store). However, you
will have to do a demo of your system and prepare a write-up that discusses
your design and implementation.