Curious hospital staff peeking at medical records of famous people. Snoopers grabbing passwords and traveling from machine to machine across a private network. Practical jokers changing documents under the noses of their authors.

These stories are scary, and they really do happen. Computer security affects all of us, not just banks or military sites. And security is particularly critical in network applications, since an outsider can so easily gain network access and pose as a trusted user.

Here lies one of the greatest strengths of the Distributed Computing Environment (DCE) from the Open Software Foundation (OSF). DCE offers the most complete, flexible, and well-integrated network security package in the industry. The only problem is learning how to program it.

Actually, DCE security is not that difficult — you just have to understand the reasons for it and what is expected of you as the applications programmer. There's a lot of code to write, but the tasks are straightforward once you have designed your application.

The heart of DCE security lies in Access Control Lists (ACLs). But before you start to play with these, you have to do some design work. For instance, ACLs need to be stored on disk so that they can last between runs of the application.

This book helps you plan your application and lay the groundwork for ACLs, as well as use the calls that come with the DCE security interfaces. It covers the purpose of DCE security, how the whole system fits together, what is required of the programmer, and how to figure out what needs protecting in an application. Using a sample application, increasingly sophisticated types of security are discussed:

Authenticating andauthorizing the client and server. Using ACLs for authorization. The notorious, dreaded ACL manager — which isn't so hard to write after all.

This book focuses on version 1.0 of DCE. However, issues in version 1.1 are also discussed so you can migrate to that interface.

A guide to security programming in the Open Software Foundation's Distributed Computing Environment (DCE). It addresses DCE security requirements, how the system works, what is required of the programmer, and how to figure out what needs protecting in an application. It focuses on DCE 1.0 but includes discussion of 1.1 issues, and illustrates concepts through a complete working application.
Annotation c. Book News, Inc., Portland, OR (booknews.com)

Credit for out-of-print titles will not be issued if shipment is 90 days (retailers)/ 120 days (distributors) past our out-of-print notification. We are accepting stripped covers as returns on all titles, except those marked "stripped covers NOT acceptable". Please provide paperwork listing title, ISBN, quandty being returned, and invoice information.

All books are available for purchase until approximately four weeks before the final out-of-print return date. However, any books to be returned must be received by the final out-of-print date for credit qualification. After the final out-of-print return date, titles will not accepted for credit, but will be available for purchase on a non-returnable basis — while supplies last.