Posts

Showing posts from August, 2012

Authorization for a Multi-Cloud System

Image
This is a project design I am currently working on to consume SPIFFE(Secure Production Identity Framework For Everyone) bootstrapped trust and identification to provide authorization in a dynamically scaling, heterogeneous system, inspired by Mr. Prabath Siriwardena from WSO2 and under the supervision of Prof. Gihan Dias from University of Moratuwa. An enterprise system running across multiple clouds, as in the hybrid cloud, is an obvious example that will be benefitted from this. The objective is to open doors for the SPIFFE standard based systems to co-exist with rest of the systems with minimal effort, without compromising on security aspects while having an authorization solution based on SPIFFE.
What is SPIFFE? In brief, it is a trust bootstrapping and identification framework, submitted as a standard and accepted by CNCF(Cloud Native Computing Foundation)[1]. As of now, this standard has two main implementations as SPIRE and Istio[2], a platform that supports service mesh archit…

Visualizing Code in Eclipse (Using Architexa)

Image
I am here sharing a nice tool I recently found to draw the diagrams for my final year project at university. When the project is concerned, managing it is challenging with,  code base of the project is pretty largea team is working on the projectwe need to maintain the quality and performance of the project proper documentation is also evaluated So we were searching for an easy to use and nice looking tool to achieve the purposes without making it annoying that, we can focus more on the logic and optimization than decorating a diagram. :) That is were I found this plugin for eclipse called Architexa client, which is free for use.
Following is a sequence diagram I generated using the plugin, which didn't take more than 30s to draw than dragging the relevant classes and setting the relevant calls.

Following is a class diagram generated, that you can clearly observe the clear and smart look of the diagrams.

Pros:

From several tools that I have tried this was more faster and the diagram…

Generating Key Pairs and Importing Public Key Certificates to a Trusted Keystore

Image
Through this I am sharing the most simple scenario to follow in using Java keytool for the requirements of Apache Wookie projects digital signature implementation. Anyway if you are looking to know how to generate a key pair or import a certificate to a Keystore using keytool, still this may be helpful. Refer this segment of Java SE documentation to know in-depth details.
You needs a configuration of Java in your computer to use keytool and that is enough :).

Generating Key Pairs
Use following command in command prompt to generate a keypair with a self-signed certificate keytool -genkey -alias wookie -keyalg RSA -keystore wookieKeystore.jks -keysize 4096 After  -alias give the alias to be used for keys           -keylag give the algorithm to be used in key generation          -keystore give the name of the keystore with type .jks (You can give a path here to store the keystore in a desired place)           -keysize give the length for the generating key in bits This will look something as foll…

Apache Wookie W3C Widget Digital Signature Implementation - GSoC2012

Image
I am here sharing my GSoC 2012 project details which I enjoyed a lot while learning. This includes a brief introduction on the project with it's design, implementation and guidance on using. The implementation has been done using Apache Santuario 1.5.2 release to generate digital signatures. The project is mentored by Scott Wilson who was so helpful and supported by the community. This is Scott Wilson's post on the project.
What is Apache Wookie?
Apache Wookie is a Java server application that allows widget uploading and deployment as useful for variety of applications. This may include gadgets to quizzes and games. Wookie has been based on W3C widget specification while providing flexibility on Google Wave gadgets etc. At the moment of writing, it is in the Apache incubator getting ready to graduate as an Apache Project. 
Objective of the project
The objective this project is to implement the 'W3C XML Digital Signatures for Widgets' specification in Wookie which has bee…