After a lot of reading and thinking a lot about security for Magma, some vague ideas have formed in my head for requirements:
#1 It should punish senders of bad, malformed or forged requests. #2 Byte and word buffers should be encrypted on disk in case the file system is compromised. #3 Messages should be secure across the public network full of nosy wire-tappers. #4 Security within the object model (for business applications - individual object access based on role hierarchy).
Are there any other requirements I should be considering?
Can secure sockets handle #3? If not, encryption/decryption would burden the program way up in the Smalltalk layer; not good.
I've given some thought to implementation for these but am mostly focused on #1 at this time. I've posed an invitation for discussion about #1 on squeak-dev, but what does anyone think of these other requirements?
- Chris
magma@lists.squeakfoundation.org