Software middleware providers acknowledge the need for security and safety

Software middleware provides a commonly understood way for hardware and software providers to make their products work together seamlessly.

Jun 1st, 2007
Th 0706mae Prodintel

By John Keller

Software middleware provides a commonly understood way for hardware and software providers to make their products work together seamlessly.

For military and commercial systems integrators, middleware enables them to use the best technology from industry without the need for long-term relationships with only a handful of providers.

“Middleware fundamentally enables people to write applications that span several computing nodes,” explains Steve Jennis, senior vice president of corporate development at middleware provider PrismTech Corp. in Burlington, Mass.

“Middleware essentially is the guts of distributed applications; it’s the plumbing, and you build your applications on top of that,” says Gordon Hunt, chief applications engineer at middleware provider Real Time Innovations (RTI) in Santa Clara, Calif.

Middleware, Hunt explains, is infrastructure software that deals with data and/or message transfers. “At a primitive level you open a connection, send a message, and the recipient gets it,” he says. “Middleware steps in and does information transition, formatting of data, and determines where the message needs to go and who needs it.”

Not all middleware is created the same. Middleware typically is based on one of two primary software standards: CORBA, short for Common Object Request Broker Architecture, and DDS, which is short for Data Distribution Service.

In addition, middleware providers typically target different applications for their products-either real-time embedded applications, or larger enterprise-level applications.

Companies like RTI, PrismTech, and Object Interface Systems (OIS) in Herndon, Va., specialize in real-time embedded applications, whereas companies like IBM specialize in enterprise-level middleware.

RTI, for example, has been doing real-time middleware since 1995 after experts sought to commercialize middleware technology developed at Stanford University. “We have always been designed for fast real-time distribution of data,” Hunt says. “Our focus is on getting things there fast and being very efficient with the operating system.”

Whether the application calls for real-time or enterprise-level software technology, however, systems developers are discovering that they need middleware with safety and security safeguards built in-just like safety and security in software application code and operating systems.

Just as middleware can bridge the gaps between different software applications and different sets of hardware, middleware also is beginning to bridge the gaps between different levels of systems security, explains Joseph Jacob, senior vice president of sales and marketing at OIS.

Jacob uses the military example of computer systems that must handle top-secret, secret, and unclassified data. Until recently military leaders have used three separate computer systems and networks for these kinds of data so as not to give access to sensitive information to unauthorized users.

“It’s expensive, slow, and takes up a lot of space, but it works,” Jacob says. “Instead of three separate networks, we created the concept of a partitioning communications system, or PCS. It extends the benefit of a separation kernel throughout the whole network. You can have one computer with one wire going to other computers, and all those computers can have top secret, secret, and unclassified data, so you have security on the computers and on the network as well.”

At the core of OIS’s approach is the Multiple Independent Levels of Security, or MILS approach. “The theory of MILS is that right now, top-secret, secret, and unclassified data requires three separate computers and networks.”

OIS has been working with the U.S. Air Force Research Laboratory and the U.S. National Security Agency for the past five years to develop middleware that accommodates MILS principles.

“The product is PCS express, which is to be released this year, Jacob says. This product not only will be of interest to military leaders who demand different levels of secure data, but also for commercial enterprises such as banking, medical records, and related applications.

Technology like PCS Express also will help the military’s Global Information Grid (GIG) to operate in real time, Jacob says. “It’s all done in software, rather than in physical hardware implementations.”

Click here to enlarge image

null

More in Communications