About Kraken
Introduction
Kraken is an OSGi-based security platform that helps users develop well-designed, full-featured security appliances easily.
The Problem
I built a few security monitoring systems in recent years (known as ESM or SIEM). There were a lot of security solutions, and I had to integrate them into the monitoring system by using various methods. Some systems used remote syslog logging, some used SNMP traps, and others used a proprietary API or database, etc. Log formats also differ from each other. There are many open source libraries, but there is no well-integrated application stack for a special purpose. Gluing one part of the code to another was just physical labor, and very hard work.
Beyond ESM and other kinds of monitoring systems, many security solutions share the same non-functional requirements: reliability, high availability, dynamic updates, easy deployment, a telnet CLI, a web-based UI, manageability (through SNMP or JMX), integration with other systems (through syslog, traps, files, or databases), etc.
Also think about our major problem: complexity. Some customers want a different set of functionality or customized features. Code branches keep multiplying. If you don't have a strict versioning policy, the situation gets worse and worse. Users or system engineers can't find out which versions of components are installed. They may have to switch debug logging on and analyze a ton of logs. How can I check the fine-grained internal state of systems transparently?
Solution
Kraken solves these problems. Kraken reduces complexity through OSGi and iPOJO technologies. These two technologies promote service-oriented architecture and component-based programming. You can install anything dynamically on the OSGi service platform. Packages are explicitly exposed and versioned. All dependencies are verified automatically. By using iPOJO, you can do POJO programming and compose all other cross-cutting concerns at runtime. iPOJO also supports declarative programming. You can think of iPOJO as Spring IoC, but in the OSGi world.
Kraken uses OSGi and iPOJO extensively, and integrates various open source projects into a security platform. Integrated open source bundles expose not only their own API but also Kraken script. For example, you can load a syslog receiver by typing "filter.load org.krakenapps.syslog.SyslogReceiver [alias]" and set properties such as IP address, port, and character encoding on the telnet console. Do you want to start a web server? Just typing "http.register [alias] [port]" starts an HTTP server, and "http.setDocumentRoot [alias] [document root]" serves static files from that web server. An SNMP trap receiver or syslog receiver can be chained to other user-defined filters with the "filter.bind" command. It's very easy. You can spend more time on business logic.
Deployment is also much simpler. You can deploy artifacts to a repository with the Maven deploy command. Users can install these bundles with the "bundle.install" command on the Kraken telnet console. Configuration can also be automated: you can implement a setup script that installs all other required bundles and talks with the user interactively for configuration. Diagnosis can also be added. You can diagnose system state at the object-instance level, so log analysis is not required. An auto-diagnosis script will save a lot of time.
Of course, Kraken can be used as an OSGi platform for other domains, but I will concentrate on the information security domain.
