declared, visible, and open coupling

Trust has to be established.

Donald Evans — Tue, 24 Oct 2006 21:20:19 GMT

<i>Perhaps it will only accept calls that have an ID if the call comes from a known composite service or from a known IP address? Perhaps digital signatures are required?</i>

I have a tangential question, on the topic of trust, that is prodded by recent projects and my questioning of the tradeoffs I have made in the design and implementation to balance deadlines, functionality, security, and expectations of imminent reuse:

Is there a defined standard -- ideally, a framework and API, or perhaps a documented design pattern -- for establishing trust at the level of calling a method on a public interface, or at the level of obtaining a reference to a public interface?

You've suggested an IP address lookup as well as digital signatures to establish trust. The .NET framework seems to require a (partial) public key to be registered with a .NET-specific security policy before interface calls are permitted. I've used cryptographic hashing to authenticate credentials sent into the public interface before I trust the caller.

Why the proliferation of approaches, particularly if the ultimate design goal is to reuse mature services that are already best implemented? For example: your suggestion of using digital signatures -- via the certificate APIs in the cryptography framework -- seems like the best implementation.

re: declared, visible, and open coupling

NickMalik — Wed, 25 Oct 2006 01:47:13 GMT

Good question. Why many mechanisms? I think because there are assumptions in each mechanism about the environment in which the mechanism would be the most appropriate.

By 'environment,' I include both the technical infrastructure used to manage authorization as well as the business climate and culture with respect to the control (and potentially the financing) of shared services.

An old saw that gets bantered around is "software reflects the organization that builds it." I think the same applies to the standards used by our services infrastructure. There are different approaches and different standards because there are different organizations.

Is there one right answer? Darned if I know.

Digital signatures are particularly appealing to me.

As far as "is there a defined standard," to be fair, I don't know how to answer that. There are some standards about providing credentials. However, the WS standards all assume that the service itself will step through some additional work to decide of the credentials of the user match the called function. That work isn't "out of the box" as far as I know.

re: declared, visible, and open coupling

Udi Dahan -The Software Simplist — Fri, 27 Oct 2006 01:54:12 GMT

Always a pleasure, Nick Malik's Inside Architecture blog hits another one out of the park. <a href="http://blogs.msdn.com/nickmalik/archive/2006/10/22/declared-visible-and-open-coupling.aspx">Declare, Visible, and Open Coupling</a> gives me exactly the kind of meaty examples I like to sink my teeth into. The fact that I disagree with Nick's solution makes this even more interesting, since I usually do a lot of head-nodding when I read his stuff.

<a href="http://udidahan.weblogs.us/archives/037010.html">Continued here</a>

Alas, We must differ...

Inside Architecture — Fri, 27 Oct 2006 13:09:14 GMT

Udi Dahan posted an interesting reply to a recent posting of mine . In my post, I go into detail to present

New and Notable 117

Sam Gentile — Tue, 25 Sep 2007 10:06:21 GMT

I am still reeling from seeing the Red Hot Chili Peppers with Mars Volta 2 nights ago in Philly at the