Advertisement

Summary
Bob Scheifler talks with Bill Venners about the Jini security mechanisms used to achieve object integrity.

Many potential applications of Jini require network security. Although various third parties have made proprietary security extensions to Jini, until now the only security available to users of the standard Jini release is the security infrastructure of the Java platform. The Jini Community's Davis project is about to change that. Bob Scheifler is leading the development of the next release of Jini, in which security is the central concern, as part of the Davis project.

On Friday, April 12, 2002 Bill Venners visited the Sun Microsystems campus in Burlington, Massachusettes and interviewed Bob Scheifler, Sun Distinguished Engineer and architect in the Jini Group. In Part I of this interview, Scheifler discusses the need for security in Jini and the special security considerations of dynamically downloaded code. In Part II, Scheifler describes the mechanisms used to determine whether a proxy should be trusted. In this third installment of the interview, Scheifler discusses the mechanisms used to ensure object integrity. These mechanisms enable the recipient of a network mobile object to determine that both the data and code portions of the object are received intact.

Object Integrity

Bill Venners: How do you do object integrity?

Bob Scheifler: If you look at standard Jini deployments, everybody is using HTTP URLs today. The problem with that from an integrity perspective is there is nothing intrinsic in the HTTP protocol that guarantees integrity. If somebody attacks and overwhelms the HTTP server, and I ask for service-dl.jar, it can hand me whatever it wants under that name. Or it is conceivable that a third party could intercept the traffic, modify it, and return data I don't want to use. The HTTP protocol by itself isn't going cut it. We need something stronger.