Sponsored Link •
Bob Scheifler talks with Bill Venners security constraints and Jini's
Many potential applications of Jini require network security. Although various third parties have made proprietary security extensions to Jini, until now the only security available to users of the standard Jini release is the security infrastructure of the Java platform. The Jini Community's Davis project is about to change that. Bob Scheifler is leading the development of the next release of Jini, in which security is the central concern, as part of the Davis project.
On Friday, April 12, 2002 Bill Venners visited the Sun Microsystems campus in
Burlington, Massachusettes and interviewed
Bob Scheifler, Sun Distinguished Engineer and architect in the Jini Group.
In Part I of this interview, Scheifler discusses the need for security in Jini and the special security considerations
of dynamically downloaded code.
In Part II, Scheifler describes the mechanisms used to determine whether a proxy should be trusted.
In Part III, Scheifler covers the mechanisms used to achieve object integrity.
In this fourth installment of the interview, Scheifler discusses security constraints and the
Bill Venners: You designed a way to add network security to proxies without
changing their interfaces. You defined a
interface that a proxy can implement to become a secure proxy. Could
you talk about
Bob Scheifler: One of our goals was to add network security in a way that didn't
require us to make API changes to all of the existing service interfaces.
So we have an additional interface that proxies implement called
RemoteSecurity. It has only four methods, so it is not
very complicated. And, in fact, three of the four methods are not very
interesting. They are there for completeness. The main method is a
way of setting security constraints on the proxy. I inject security
constraints into the proxy. I tell the proxy what kind of network
security I want for subsequent remote calls that I make through that