The Artima Developer Community
Sponsored Link

Jini Extensible Remote Invocation
A Conversation with Bob Scheifler, Part VI
by Bill Venners
August 12, 2002

<<  Page 4 of 8  >>


Secure JERI

Bill Venners: How does JERI help Jini security?

Bob Scheifler: There is JERI and then there is secure JERI. They are roughly siblings. If you look at it architecturally, there are some elements of secure JERI that are subinterfaces of JERI. But there are some that are siblings. It really depends on whether it makes sense to be a pure subclass, where we just have to add methods. In some cases, we had to add additional parameters, for example, to existing methods. You can't do that by subclassing. We had to effectively clone the interfaces and add additional parameters. So it is not like secure JERI is a subclass of JERI. In fact, you should think of it as a sibling. It has the same protocol stack and customizability, but it is infused with all of the security constraint stuff.

The intention is that secure JERI supports the constraint model that we have defined for remote calls. If you want a service that actually obeys this network security model, then you need something that is actually going to meet the requirements of these constraints. The easiest way to do that is to pick up a protocol stack that will do it for you. Secure JERI is an instance of a protocol stack that will do that for you.

In secure JERI almost all of the constraints are implemented in the transport layer. Almost all of the constraints are transport layer security mechanisms. The only thing that is implemented at a higher layer is code integrity because that happens at marshaling time when they create class loaders to download code. So the URL integrity check is done at the marshaling layer. All the others—authentication, confidentiality, integrity—are essentially transport-level notions.

Secure JERI is portable on all of those layers. It has a generic connection interface so it doesn't have to be socket or TCP based. It is designed so that different kinds of security mechanisms can be plugged in. For example, today there is a transport implementation that does the network security using SSL/TLS (Secure Sockets Layer / Transport Layer Security). It is implemented using the Java secure socket extension. We have another transport provider in the works that is Kerberos based. It uses the JGSS Java interface to the GSS (Generic Security Service) API. That gives you Kerberos-level security. The idea is you can plug in others to suit your needs.

<<  Page 4 of 8  >>

Sponsored Links

Copyright © 1996-2018 Artima, Inc. All Rights Reserved. - Privacy Policy - Terms of Use