Security 06/24/2007
 

A modern communication protocol must be secure. And to do it right, security must have been integrated in the design from the very start. Here is a short list of security requirements for DITP:

   - authenticate peers
   - support exchanged data authentication and encryption
   - provide access control on accessible services, objects and methods
   - support single and multi-signed information of any kind
   - signed information supporting polymorphism and aggregates
   - allow anyone to verify any signature with minimal knowledge

Multi-signed information is when more than one people sign a given information, (i.e. a contract).

With a stream oriented encoding this all imply that we are able to apply a hash function (i.e. SHA) on transmitted data while it is encoded or decoded.

This is what I am currently implementing. Unfortunately, a server crash, monopolized all my time this week. Murphy's law revenge... 

 


Comments

Olivier PISANO

Sun, 24 Jun 2007 23:44:19

A server crash again ? What on earth did you try to do this time ? ;)

 

chmike

Tue, 26 Jun 2007 00:03:43

I turned the PC off but didn't unplug the power cord. Then I inserted an AGP card and it made a tiny spark...

It has been replaced by a Jetway J7F2 miniITX 1.2GHz (fanless) running 24/7. The CPU temp never goes above 30c. The "used up" PC's CPU was always around 50c, even without much activity on it. Same for the hard disks. A big waste of energy.

One of the positive thing I learned is the benefit of using external services like http://www.weebly.com. It remained available while my server was down and there is no need for reinstallation :]

 



Leave a Reply