View and vote on the article here: CASOS : Project Windstone and FireSide
CASOS : Project Windstone and FireSide| Category | | | Summary | | There are currently two projects that the CASOS Site Development division is starting: Project Windstone and Project FireSide. At first glance, these two projects seem as though they are pretty routine. However, they have their own Special Operations and |
| | Body | [ Project Windstone ]
This project has actually been around for almost a year now, but has never really been given much attention nor has it been fully conceived in that time. The purpose of the project might sound familiar: To create a third-party, centralized and secure authentication system for site management systems, software, scripts, and users based on unique encryption methodologies. This project is best described as a Frankenstein-ish mix between Microsoft's Passport system and a Digital Rights Management system. The goal, however, is a little more-detailed than that.
Project Windstone is meant to centralize authentication of any type of user whether that user be a physical person, a program or script, or even a website. The idea is to provide an authentication system that uses API-style commands via the standard and readily available TCP/IP protocols. This allows developers of websites, scripts and programs to attract more visitors and users as well as allow them to login via a global and central third-party system that they will become accustomed to over time. The Site Development division is prepared to provide a proof-of-concept by the completion of its complimentary project, Project FireSide.
For more information and the design specifications of Project Windstone, please refer to the following URL:
http://windstone.x-mirror.com/windstone.php
[ Project FireSide ]
This project will be developed using the Project Windstone authentication system at its core. The purpose of Project Fireside is simple: To create a site management system that is comprehensive, feature-rich, extendable and most importantly, secure. Sounds simple, doesn't it? Well, yes and no.
Project FireSide is a total revamp of the the Special Operations and Security site management system. Currently, we use the SOS Site Management system version 0.97, revision 153. While extremely secure on many points, the design was thought to be by its developers as more of a mish-mash of code with various fixes overlapping each other -- this begins to lead to unclear code and often leads to problems later on when features need to be added, modified or removed altogether. The goal of this project is to attempt to fix those problems with a better-design and clear specifications to guide its development.
The project will be designed with a modular, yet very integrated approach. Rather than blindingly accepting information from one script to the next, there will be eleven core function libraries that manage various "realms" of the site and the system itself in a complementary way. These function libraries will include: Interface, Errors, Logs, Database, Sessions, Authentication, Transport, Encryption, Security and the Project Windstone function library for interfacing with that system. Some of these libraries give a clear indication as to their use by their name, but for the purpose of this article, I will elaborate on a few of the more-interesting ones.
Each library has different resources that the system can call on depending on the need. Each script authenticates itself with the system by use of the Authentication library which forwards all resource requests to the proper function library. If a user wishes to login, a request is made to the Project Windstone library, which packages the request using the Project Windstone authentication protocol and forwards that request to the Project Windstone server. The process is reversed to provide a pass/fail response and, if authenticated, the successful response will include a token for referencing the user to the Project Windstone server for all future requests during their session. If the user wishes to upload a file to the server, their request is forwarded to the Encryption library, which will be responsible for creating an encrypted archive of the file in a secure format. Other specialized features, like cleaning tainted data or recognizing potentially-malicious requests from a user or external source, are processed through the Transport library, which oversees and handles all data moving from one area to another. Many of the more common attacks against site systems are neutralized or thwarted through the Transport library (like SQL and Javascript injections, or malformed POST/GET variable attacks). Other security implementations include session-hijacking neutralization and banning facilities, which are handled by the Sessions and Security libraries, respectively.
A vast majority of these facilities are already integrated into the current site system for our brigade. However, this project is focusing on expansion of those facilities and creating even more features and resources that will provide for a ever-changing brigade and its needs.
For more information and the design specifications on Project FireSide, please refer to the following URL:
http://specops.x-mirror.com/fireside.php |
|
This article was imported from zZine. (original author: Soundwave)
There are no replies to this post yet.
|