server/client design: security handling concern

puzzlecracker · Sep 21, 2006

Here my general road map.... for multithreaded chat program
(client/server):

Client sends users name, server responds with SecretKey, then users
send the encrypted password. Server responds with ConnectionObject to
indicate the status. All the communication between client and server is
encrypted thereafter.

it is pretty simple program, and I am thinking of using NIO .. What is
the good architecture for such problem?

what is de facto way to approach the design. Thanks

Thomas Hawtin · Sep 21, 2006

puzzlecracker said:
Client sends users name, server responds with SecretKey, then users
send the encrypted password. Server responds with ConnectionObject to
indicate the status. All the communication between client and server is
encrypted thereafter.

The server responds by sending a secret key in the clear?

I suggest using existing procedures/protocols/standards/code. See
javax.net.ssl, for instance.

it is pretty simple program, and I am thinking of using NIO .. What is
the good architecture for such problem?

I guess start by googling "reactor pattern".

Admittedly, I don't have a copy of this volume, or have even read it,
but "Pattern-oriented Software Architecture Vol 2: Patterns for
Concurrent and Networked Objects" seems to fit:

http://www.amazon.co.uk/gp/product/0471606952/

Tom Hawtin

Need your recommendations for TCP Server/Client design	7	May 23, 2008
client server socket interaction (inetd)	7	Feb 17, 2011
Another Client Server Program	3	Apr 8, 2007
Chat client/server print failed	14	Jan 16, 2008
Urgent opening for C++ Software Design Engineer	0	Jul 31, 2009
urgent opening for VB, SQL Server developer with direct client in NY	0	Jun 4, 2008
API design for Python 2 / 3 compatibility	3	Apr 13, 2013
TCP Server/GServer	3	May 24, 2008

server/client design: security handling concern

puzzlecracker

Thomas Hawtin

Ask a Question

Similar Threads

Members online

Forum statistics

Latest Threads