S
Syed Naveed Ausaf
Hi all,
My scenario is this:
Central Server: on which a number of remote machines invoke services
(implemented as web services, but doesn't matter what the choice of
implementation is).
Remote Servers: These are machine running at various sites worldwide.
Each remote server would be on a separate network and separated from
the internet by firewalls.
I have control over the central server and the firewall configuration
for it but little or no control over the firewall configuration of the
remote servers.
Standalone server processes will be running on all the servers. The
server process on the remote server needs to communicate with the
server process running on the Central server. This communication is
occuring automatically and will continue to occur indefinitely, with
no human involvement.
The communication is encrypted using SSL.
QUESTION: What authentication method should I use at the Central
Server to authenticate the Remote Servers?
I thought of using usernames and passwords. the problem is that in the
given scenario, they would need to be stored onto the Remote Server in
a file or registry.
What about Client Certificates? I will have install-time control of
the remote server. So I can then install a certificate issued by the
Central Server(acting as Certificate Authority) onto the Remote
Server. Bur are there any management/logistical/operational issues
with using client certificates?
Are there any other options to let the Central Server authenticate the
individual Remote Servers?
I am a bit confused in choosing between usernames/passwords and client
certificates. While its true that usernames/passwords can be read by
anyone from wherever they are stored, but then, I think, that the
client certificates could somehow also be taken/copied off the Remote
Server and transported/installed elsewhere. Is copying/hacking client
certificates much more difficult than reading passwords/usernames? One
thing is given, that the Remote Server's security, and the people
managing the Remote Server are quite trusted (but then you can't trust
someone too much!).
What are my client authentication options? what are the things I
should bear in mind when deciding on an option?
Thanks a lot...
My scenario is this:
Central Server: on which a number of remote machines invoke services
(implemented as web services, but doesn't matter what the choice of
implementation is).
Remote Servers: These are machine running at various sites worldwide.
Each remote server would be on a separate network and separated from
the internet by firewalls.
I have control over the central server and the firewall configuration
for it but little or no control over the firewall configuration of the
remote servers.
Standalone server processes will be running on all the servers. The
server process on the remote server needs to communicate with the
server process running on the Central server. This communication is
occuring automatically and will continue to occur indefinitely, with
no human involvement.
The communication is encrypted using SSL.
QUESTION: What authentication method should I use at the Central
Server to authenticate the Remote Servers?
I thought of using usernames and passwords. the problem is that in the
given scenario, they would need to be stored onto the Remote Server in
a file or registry.
What about Client Certificates? I will have install-time control of
the remote server. So I can then install a certificate issued by the
Central Server(acting as Certificate Authority) onto the Remote
Server. Bur are there any management/logistical/operational issues
with using client certificates?
Are there any other options to let the Central Server authenticate the
individual Remote Servers?
I am a bit confused in choosing between usernames/passwords and client
certificates. While its true that usernames/passwords can be read by
anyone from wherever they are stored, but then, I think, that the
client certificates could somehow also be taken/copied off the Remote
Server and transported/installed elsewhere. Is copying/hacking client
certificates much more difficult than reading passwords/usernames? One
thing is given, that the Remote Server's security, and the people
managing the Remote Server are quite trusted (but then you can't trust
someone too much!).
What are my client authentication options? what are the things I
should bear in mind when deciding on an option?
Thanks a lot...