Security pack

Authenticate users before they can have access to specific applications or services, using varying levels of security from simple username/password systems to protocol encryption and full certificate management.

On the device
The standard Caboodle security model encrypts all data transfered to and from the device.

The security pack adds another level of security features to the standard Caboodle security model. For example, you can implement your own 'over the air' encryption protocol or select from a range of standardize device security features.

Firewalls & Routers
The caboodle gateway is designed to work without disrupting your current security infrastructure, for example caboodle traffic can be tunneled through standard HTTP or HTTPS port configurations or even through your web or Internet server architecture.

Security Plugins
Security Gateway plugins can implement bespoke encryption algorithms and traffic logging, shaping and blocking features. Also plugins can be used to add security functions not available in the standard gateway - for example, Raven™ uses a list of users and their passwords is stored within the gateway server.

JAAS Connector :
The JAAS connector provides standardized access to Java authentication and authorization services. For example a user could share an identity and password between their Internet and mobile phone logins via this connector.

Enabling authentication
On the device you enable authentication by using the Caboodle MIDP security pack as follows

//Obtain a security provider
SecurityProvider securityProvider=SecurityFactory.getProvider();

//Once the provider has been instantiated all service method
//invocations will fail unless the gateway athenticates
 
securityProvider.authenticate("user","password","security domain");

The default gateway authentication connector encrypts all data transfered to and from the device.

The default authentication database is a simple properties file with user name to password mappings, however, you can plugin your own authentication connector and provide your own implementation.

Writing a security connector
To plugin your own security connector all you need to implement the following interface and then modify the gateway configuration to tell the Caboodle server to load your secuirty connector. No modification to the device security pack is required.

interface SecurityConnector extends Remote{
   void authenticate(String user,String pw,String domain)
       throws RemoteException

}

Once your custom security connector has been loaded by the gateway all requests for authentication will be routed from the device to your connector.

The source code for the default security connector is provided with the security pack to give developers a starting point for integrating custom security connectors.

Need more information?
If you would like to speak to one of our technical team about the Security Pack, please send an email to contact us

Developer tools
Net Caboodle provides IDE plugins for NetBeans and Eclipse

 

  
Location pack | Transactions pack | Gateway | Windows Mobile® 5.0 connector pack

 

Copyright notice

The information within this document remains the sole property of Net Caboodle - www.netcaboodle.com

No part of this document may be copied or reproduced in any form or by any means, and the information
contained within it is not to be communicated to a third party, without the prior written consent of
Net Caboodle. All trademarks remain the property of their respective owners. NetCaboodle, Caboodle server
and Raven are all trademarks of Net Caboodle.