330 likes | 429 Views
Java Enterprise Multilevel Access “JEEMA” Web Portal In partial fulfillment of the requirements for a Masters of Science Computer Science Presented by Patrick D. Cook for Dr. Edward Chow Dr. Charlie Shub Dr. Jugal Kalita. Outline. Project goals Background JEEMA Performance Reliability
E N D
Java Enterprise Multilevel Access“JEEMA” Web PortalIn partial fulfillment of the requirements for a Masters of Science Computer SciencePresented by Patrick D. CookforDr. Edward Chow Dr. Charlie ShubDr. Jugal Kalita
Outline • Project goals • Background • JEEMA • Performance • Reliability • Lessons Learned • Conclusion • Demo JEEMA
Project Goals • Can a single sign-on realize multilevel security? • Investigate Portlet Technology, in particular Java Specification Request (JSR)168, to determine if it would facilitate sharing data, at different security levels • Avert the information flow problem, i.e. use a single sign on to access to multiple levels of classified resources, without compromising the multilevel security policy. JEEMA
Background Related work, Rationale, Design decisions
Related Work • Portals, Portlets and IPC • Michelle Osborne (2006) • Rebecca Twigg (2006) • Single Sign-on • Yale University • UCCS JEEMA
Rationale and Relevance • The events on September 11, 2001 which spawned the 9/11 commissions report • Hurricane Katrina and Rita in 2005 • Personal experiences • Military United States Army Battle Staff • Lockheed Martin Integrated Systems and Solutions • Raytheon Intelligence and Information Systems JEEMA
J2EE vs. .NET • When it comes to building distributed web applications which can interoperate seamlessly between components in platform-neutral way there are two leading technologies competing for your vote, J2EE and .NET (pronounce “dot NET”). JEEMA
.NET • .NET is a Microsoft centric approach that runs on Windows platforms but does not fully comply with other operating systems. • .NET is still in its infancy with respect to Java and has not reached its “tipping” point with many vendors. JEEMA
J2EE • J2EE is a platform-independent solution that uses the Java programming language and provides support for major operating systems • J2EE is widely supported amongst major vendors • W.O.R.M • Write once run many times JEEMA
J2EE Application Servers • BEA WebLogic • IBM Websphere • SunOne Portal Server • JBOSS JEEMA
Java Portals • A Java portal is a J2EE conformant technology which aggregates resources from disparate systems into a common operating environment over the web. It generally allows individualized customization, facilitates single sign-on authentication and is designed to run on multiple platforms [JSR168]. JEEMA
Portlets • Portlets are web components that generate dynamic content in an autonomous fashion. The autonomy is generated by markup fragments such as HTML, XHTML, or XML, but the aggregation of the fragments are managed by a portlet container. JEEMA
Portlet Container • In general, a container is software that provides “out of the box” services which developers can leverage for initialization, creation, and deletion, as well as, resource and dependency management [JBOSSP]. JEEMA
JSR 168 • Java Specification Request 168, originally released in October 2003, provides the blueprint for developing portal components. • Portlet Application Program Interface (API) • Portlet • PortletConfig • GenericPortlet JEEMA
JEEMA Java Enterprise Edition Multilevel Access Web Portal
What is JEEMA? • JEEMA, Java Enterprise Edition Multilevel Access, is an acronym for a Java 2 Enterprise Edition (J2EE) compliant web portal that champions portlet technology to facilitate single sign-on authentication to access resources with multiple security levels • JEEMA is based on the Java 2 Platform, Standard Edition, which adheres to the Java programming language and libraries JEEMA
JEEMA implementation of SSO • WebLogic Portal Administration • http://128.198.61.179:7001/portalAppAdmin/ JEEMA
JEEMA implementation of IPC • Java Messaging Service API’s • Uses the “listenTo” attribute in establishing interportlet communications. • Whenever a portlet is added to a portal, it creates an “instance” this instance has an instance label which other portlets listen to JEEMA
Client Request JEEMA
JSP <body> <netui:form action="getMessage"> <netui:textBox dataSource="text"/> <netui:button>Submit</netui:button> </netui:form> </body> JEEMA
TopSecretController.jpf /** * @jpf:action * @jpf:forward name="simpleForm“ path="topSecret.jsp" */ protected Forward getMessage( Form form ) { String message = form.getText(); try { publisher.writeMessage(message); } catch(Exception e) { e.printStackTrace(); } return new Forward( "simpleForm" ); } JEEMA
JMS private InitialContext jndi = null; private String TOPIC = "jmsTopic"; private String JNDI_CONNECTION_FACTORY = "weblogic.jndi.WLInitialContextFactory"; private String JMS_CONNECTION_FACTORY = "weblogic.jms.ConnectionFactory "; private String APPLICATION_PROVIDER_URL = "t3://localhost:7001"; JEEMA
Perfomance System Specifications, Testbed Specifications, Results
System Specifications • Microsoft Windows XP • Professional Version 2002 • Service Pack 2 • Internet Explorer 6.0.2900.2180.xpsp.050622-1524 • BEA WebLogic Workshop • Version 8.1.5 • Build 2005.0921.20042 JEEMA
JEEMA Test bed Specifications • Dell Optiplex GX620 • Intel (R) • Pentium (R) • CPU 3.20GHz, 3.19 GHz, • 3.50 GB of RAM • Physical Address Extension JEEMA
Performance • The portlets contained same content but was double for each iterations (i.e. 4 portlets, 8 portlets, 16 portlets…, 64 portlets). JEEMA
JEEMA Reliability • The reliability of the system, R (m), is measured in terms of its ability to deliver reliable messages to its recipients as portlets increase within a web portal. • This can be defined mathematically as R(m) = p/ m, where p is equal to the number of reliable messages and m is the total number of messages. JEEMA
Lessons Learned • The challenges related to remote development (“The virtual team”) • Black Box Coding • Implementing JMS on SunOne and JBoss • JNDI • “Asynchronous” Communication JEEMA
Future Work • Integration with WSRP 2.0 • Use XACML Decision Points • Asynchronous Java and XML (AJAX) methodologies JEEMA
Conclusion • A single sign – on can realize multilevel security • The technology is not mature enough in its current form for an enterprise solution that used for National Security • It does provides a stepping stone toward upward mobility in MLS solutions JEEMA
Questions JEEMA
Backup • Control Tree • JMS Configuration JEEMA