Security issues for code to run on a cluster of Macintoshes
- Subject: Security issues for code to run on a cluster of Macintoshes
- From: Jay Reynolds Freeman <email@hidden>
- Date: Sun, 04 Apr 2010 00:40:40 -0700

After asking in darwin-dev what group would be appropriate
for this topic (thanks Graham, Jens, and Kevin), I have
decided to bring it up here. I hope that is the correct
decision.

I am developing a Macintosh application which will be capable
of running on a cluster of Macs; that is, each of a number of
Macs will be running a copy of the application (or of part
of it) and the different Macs will communicate with each
other to coordinate activity and share data: The app is not
a web-server-and-client kind of thing; I expect to be using
Internet socket connections directly, from within the
various instances of the application. I am thereby
necessarily concerned with secure communication -- I don't
want the app or the data compromised.

So far, I have described a very general programming issue
-- possibly too general for an Apple group. What I wonder
about is what special support is available for this kind of
thing based on the fact that I am using Macintoshes, and have
all the facilities of MacOS and Xcode to develop and run with.

The app is a clustered version of Wraith Scheme, a parallel
Scheme implementation for the Mac that I have been developing
for some years. (Scheme is a variety of Lisp -- see the
"Software" page of my web site, whose home URL is given below,
if you are terminally curious.) Wraith Scheme is very
powerful, and a malicious person who accessed it remotely
could do immense damage to the system it is running on.

The picture here is a number of different instances of the
Wraith Scheme program, all running on different machines,
using the Internet both to share data and to organize the
work to be done.

The most likely sort of "cluster" is probably a bunch of
machines located physically close together, all under the
control of one user or institution; in that case the security
problem could be very simple -- just network them together
locally, take the local network off the Internet and off
wireless, and don't worry. Notwithstanding, I would like
to try to do a more professional job than that, just because.
So let's assume that the different computers are scattered
planet-wide, and that compromise of data or commands to the
Scheme programs would bring about the end of civilization
as we know it. (Why not dream big?)

I am not a network or security type, but I do know enough
to be very scared -- a bit like a mouse at a cat convention.
I do *not* want to try to reinvent the wheel myself.

Based on the reading I have done, I am inclined to implement
my cluster's connectivity using "stunnel", which as I expect
you all know, is an open-source program that snarfs unencrypted
data transmitted locally on one port, encrypts it, and sends
it out on the Internet through another port; at the
destination, another instance of "stunnel" reverses the
process. That seems to be a good way to leverage other
people's competence at writing decent code, and to use
established protocols for exchanging public keys and
establishing trust.

In the nominal case of a cluster of machines in close
physical proximity under the control of one entity, that plan
would allow the cluster to remain *on* the net while running,
and public keys could easily be distributed by sneakernet
and a USB drive.

If my approach is reasonable, I may have little need of
Macintosh-specific information, but would anyone care to
comment ...

1) Does this indeed sound like a reasonable approach?

2) Are there any Mac-specific tools available in either
   MacOS itself, or perhaps in what is installed with
   Xcode, that might be more appropriate or do a better
   job?

I have indeed nosed around on the web and in the Xcode
developer documentation for relevant information, but
there is not a lot out there -- most of the discussion
has to do with web servers, browsers, and HTML.

I thank the group for its comments and advice, and I
apologize profusely for my regrettable state of newbieness
in all things related to cryptography and to Internet
security.

-- Jay Reynolds Freeman
---------------------
email@hidden
http://web.mac.com/jay_reynolds_freeman (personal web site)
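
Added example (not part of the original post, and not the stunnel project's own sample): a pair of stunnel configurations for two cluster nodes wired the way the message describes, with each side checking the other's certificate against a locally installed copy carried over by hand. Host names, port numbers, file paths and service names are assumptions chosen for illustration.

```ini
; ===== node A: stunnel.conf (side that opens the connection) =====
; Constructed example; every path, port and host name is a placeholder.

[cluster-out]
client = yes
; The local application writes plaintext here. Bound to loopback so that
; other hosts cannot reach the unencrypted side; any local process still can.
accept = 127.0.0.1:7001
; The TLS connection goes to the stunnel instance on node B.
connect = node-b.example.org:7443
; This node's own certificate and private key (key file readable only by
; the account stunnel runs as).
cert = /etc/stunnel/node-a.pem
key = /etc/stunnel/node-a.key
; Certificates of the cluster peers, copied over by sneakernet.
CAfile = /etc/stunnel/peers.pem
; Refuse any peer whose certificate is not in CAfile.
; (Older stunnel releases spell this "verify = 3".)
verifyPeer = yes

; ===== node B: stunnel.conf (side that accepts the connection) =====

[cluster-in]
; Encrypted traffic from other nodes arrives on this port.
accept = 7443
; Decrypted traffic is handed to the local application on loopback only.
connect = 127.0.0.1:7000
cert = /etc/stunnel/node-b.pem
key = /etc/stunnel/node-b.key
; Must contain node A's certificate, or the handshake is rejected.
CAfile = /etc/stunnel/peers.pem
verifyPeer = yes
```

Without a verification setting stunnel still encrypts the link but accepts any peer certificate, so the pinned-certificate check on both sides is what restricts the tunnel to cluster members.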