Programming Project II
Due Date: Tuesday, December 11, 2001


The goal of this project is to design and implement a security architecture (e.g., a set of services and the interfaces offered by them) for developing secure distributed applications. In particular, we want to explore services that can be used to access sensitive data by a variety of users. We will consider an application where online access to student records is provided by the system in a controlled fashion. The records maintained by the system for each student contain information such as grades for tests and quizzes for various courses. A student and his/her family members can have read-only access to such information. A teacher can update grades for a course that is taught by the teacher. School administrators such as the registrar can read or update information related to any or all of a student’s courses.


Clearly, the security architecture must include services for authenticating users and for authorizing their accesses. We will assume centralized authentication and authorization services. The authentication service makes use of passwords to activate one or more roles for a user. These roles control the accesses that can be granted to the user. The authorization service is a central repository of access control rules that govern access to student records based on the authentication credentials of a user. Typically, the authorization service issues an “access token” that can be presented to a grade management service (GMS). The GMS makes data available to a request depending on the access token provided by the requestor. In addition to these services, we also want an audit service. The GMS logs records that reflect accesses by various roles/users to data objects and periodically sends such logged information to the audit service. This service can examine these records to dynamically change the access control information maintained by the authorization service. For example, if a student has accessed his or her information more than a certain number of times, access may be turned off for a certain period.


Because of privacy and integrity concerns, access to student records must be controlled. Furthermore, confidentiality is required when the information is sent over open networks. Encryption can be used to protect information when it is transmitted or stored at a node that can potentially be compromised.


A successful completion of the project would require a demo that shows a secure grade management application that makes use of the functionality provided by the various services. To achieve this goal, you should follow the plan outlined below.


  1. You need to first define a security policy that will govern access to information in this application. Once the security policy is in place, explore what services may be needed for the enforcement of the policy.
  2. Since you will create a distributed application that employs encryption, you should familiarize yourself with distributed programming using sockets and a crypto library. In particular, you should be able to set up client/server applications that use TCP/IP sockets. You should also look at the OpenSSL library, which provides the cryptographic facilities that will be needed by your application. There is a good bit of information available online on the OpenSSL library, including its source code. The cryptographic library functions will be used to create secure communication paths between the various services and to seal/sign various types of credentials.
  3. Once you are comfortable with secure distributed communication, you must design the various services that are required to build the application. In particular, define the functionality provided by the authentication, authorization and audit services. Clearly define the calls they support as well as the state maintained by them to implement the calls.
  4. Implement the services designed by you. Test each service thoroughly. For example, your authentication and authorization services can be initialized with a set of users and their credentials as well as access rules. You should demonstrate that access credentials can only be obtained by properly authenticated and authorized users.
  5. Design a prototype grade management service and implement it.
  6. Implement a sample application that securely accesses the information stored by the GMS. You should test it to demonstrate that it only allows access to authorized users.
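As an added illustration of how the services described above fit together (this is not part of the assignment and not course-supplied code), the Python sketch below models the authentication, authorization, GMS and audit services as in-process functions: a password activates roles, the authorization service seals an access token, the GMS verifies the seal and applies the access rules before logging the decision, and the audit service turns access off for users who exceed a threshold. HMAC-SHA256 from the standard library stands in for the OpenSSL signing of credentials, and the users, passwords, shared key and threshold are all constructed values.

```python
import hashlib, hmac, json
from collections import Counter
# Constructed key shared by the authorization service and the GMS; HMAC-SHA256
# stands in here for the OpenSSL sealing/signing the project calls for.
AUTHZ_KEY = b"constructed-authz-gms-shared-key"
AUDIT_THRESHOLD = 3   # successful accesses after which the audit service turns access off
AUDIT_LOG = []        # (user, student record, allowed?) entries written by the GMS
REVOKED = set()       # users the audit service has disabled at the authorization service
# Constructed user table: password, roles, and the attributes the access rules need.
USERS = {
    "alice": ("pw-alice", ["student"],   {"student": "alice"}),
    "mom":   ("pw-mom",   ["family"],    {"student": "alice"}),
    "bob":   ("pw-bob",   ["teacher"],   {"courses": ["CS101"]}),
    "reg":   ("pw-reg",   ["registrar"], {}),
}

def authenticate(user, password):
    # Authentication service: a correct password activates the user's roles.
    rec = USERS.get(user)
    if rec is None or not hmac.compare_digest(rec[0].encode(), password.encode()):
        return None
    return rec[1]

def issue_token(user, password):
    # Authorization service: seal the credential so the GMS can verify it itself.
    roles = authenticate(user, password)
    if roles is None or user in REVOKED:
        return None
    body = json.dumps({"user": user, "roles": roles, "attrs": USERS[user][2]}, sort_keys=True)
    return body + "." + hmac.new(AUTHZ_KEY, body.encode(), hashlib.sha256).hexdigest()

def gms_access(token, action, student, course):
    # GMS: verify the seal, apply the policy rules, and log the decision for audit.
    body, _, mac = token.rpartition(".")
    if not hmac.compare_digest(hmac.new(AUTHZ_KEY, body.encode(), hashlib.sha256).hexdigest(), mac):
        return False                       # forged or tampered token
    cred = json.loads(body)
    roles, attrs = set(cred["roles"]), cred["attrs"]
    # Policy: registrar reads/updates anything; teacher only own course; student/family read own record.
    ok = bool("registrar" in roles
              or ("teacher" in roles and course in attrs.get("courses", []))
              or (roles & {"student", "family"} and action == "read" and attrs.get("student") == student))
    AUDIT_LOG.append((cred["user"], student, ok))
    return ok

def audit_review():
    # Audit service: users over the threshold lose access at the authorization service.
    counts = Counter(user for user, _, ok in AUDIT_LOG if ok)
    REVOKED.update(user for user, n in counts.items() if n > AUDIT_THRESHOLD)
    return set(REVOKED)
```

In the real project each function would sit behind its own TCP/SSL endpoint and the token would be signed with an OpenSSL key pair; the checks themselves stay the same.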


Once your design and implementation are complete, you need to critically examine your design as well as its implementation. In particular, discuss the strengths and the weaknesses of the design. You should also discuss potential situations under which secure access could be compromised. Finally, discuss your experiences with the library or libraries that you use. A report that details all of these, and the overall design, must be submitted on or before the due date. You will need to demonstrate the functionality of your services and application. Demo dates will be December 12 and 13.


If you have any questions, please feel free to contact Professor Ahamad or Michael Covington.