MESIS: the Agent Security Facility (2)

Management Environment for Secure and Interoperable Services

The CORBA and MASIF standards recognize the security requirement by mandating tools and mechanisms to enforce security when interacting with external components. In accordance with this guideline, MESIS addresses the security threats introduced by interoperating with CORBA. On the one hand, sending and receiving CORBA requests and replies requires channel encryption to ensure the privacy of exchanged messages. On the other hand, the possibility for MESIS agents to act as CORBA servers, and for MESIS localities to host agents from other MA platforms, calls for mechanisms for client/agent authentication, auditing and access control. MESIS provides security solutions compliant with both the CORBA Security Services and the MASIF security specifications. We have also worked on making MESIS compliant with the Secure Inter-ORB Protocol, to enable secure interactions even between entities resident on different ORBs, provided that they adopt the same security technology.

Finally, MESIS gives users the possibility to choose the best trade-off between security needs and required performance, according to the intended usage (see Figure 4): agents in trusted environments, e.g. a private Intranet of a department, could directly access resources after the authorization check, while agents moving in untrusted environments, e.g. the Internet, generally have to pass all security steps for secrecy, integrity, authentication and authorization.


Figure 4. Different Security Checks in Trusted/Untrusted Environments
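
The trade-off described above, sketched as an added example (this is not MESIS code): a locality runs every check on the untrusted path and only the authorization check on the trusted path. All names here (AgentRequest, admit, the key table and the ACL) are hypothetical, the sample data is constructed, and an HMAC stands in for whatever authentication and integrity mechanism a deployment actually uses.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed sample data (hypothetical, not MESIS configuration).
PRINCIPAL_KEYS = {"agency-a": b"constructed-demo-key"}
ACL = {("agency-a", "printer-queue"): {"read"}}

@dataclass
class AgentRequest:
    principal: str
    resource: str
    action: str
    payload: bytes
    mac: bytes = b""
    channel_encrypted: bool = False

def request_mac(key, req):
    """HMAC-SHA256 over every field the authorization decision depends on."""
    msg = b"\x00".join([req.principal.encode(), req.resource.encode(),
                        req.action.encode(), req.payload])
    return hmac.new(key, msg, hashlib.sha256).digest()

def admit(req, trusted_env):
    """Return (allowed, steps_run) for a request entering a locality."""
    steps = []
    if not trusted_env:
        steps.append("secrecy")            # refuse cleartext channels
        if not req.channel_encrypted:
            return False, steps
        steps.append("authentication")     # principal must hold a known key
        key = PRINCIPAL_KEYS.get(req.principal)
        if key is None:
            return False, steps
        steps.append("integrity")          # MAC must match the request fields
        if not hmac.compare_digest(request_mac(key, req), req.mac):
            return False, steps
    steps.append("authorization")          # the only step on the trusted path
    allowed = req.action in ACL.get((req.principal, req.resource), set())
    return allowed, steps

def demo():
    genuine = AgentRequest("agency-a", "printer-queue", "read", b"job-list",
                           channel_encrypted=True)
    genuine.mac = request_mac(PRINCIPAL_KEYS["agency-a"], genuine)
    # Same claimed principal, but no valid MAC accompanies the request.
    unsigned = AgentRequest("agency-a", "printer-queue", "read", b"job-list",
                            channel_encrypted=True)
    return {"genuine_untrusted": admit(genuine, False),
            "unsigned_untrusted": admit(unsigned, False),
            "unsigned_trusted": admit(unsigned, True)}
```

On the trusted path the principal name is taken at face value, so the authorization result is only as reliable as the network boundary that defines the trusted environment.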
