Salutations

[Derek Atkins]

David Merrill <dmerrill@lupercalia.net> writes:

> So what are the requirements? What exactly do you mean by strong
> security?

I'm still working through the requirements.  I definitely want all
network traffic encrypted with at least 3-DES or AES (Rijndael).  I'd
like to have a flexible authorization model, and be able to control
access to individual "objects."  Whether that means individual
transactions or accounts, I'm not sure.  As I said, I'm still working
through the requirements.

By 'strong security' I mean using something more than just a
username/password stored in the database.  Indeed, I'd prefer to NOT
build our own authentication system.  Instead, I'd like to store only
authorization information ourselves, and use an external,
cryptographic authentication system.  I was thinking that I'd like to
support Kerberos, and I'd have no objections to making using pluggable
authentication to support other mechanisms.

I suppose we might have to support a username/password scheme, as much
as I'd prefer not to.  If we do, then I would require that strong
encryption MUST be used if username/password authentication is used.

> I know plenty about databases, but only bits and pieces about
> security. Hopefully between us and others on the project we'll get it
> done right.

Agreed.  Hopefully between you, ABS, and myself we can design a good
system. :)

-derek
-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/      PP-ASEL      N1NWH
       warlord@MIT.EDU                        PGP key available