The Artima Developer Community
Interviews | Print | Email | First Page | Previous | Next
Sponsored Link

Proxy Trust
A Conversation with Bob Scheifler, Part II
by Bill Venners
July 15, 2002

Page 1 of 8  >>


Bob Scheifler talks with Bill Venners about the mechanism of determining whether a Jini proxy should be trusted.

Many potential applications of Jini require network security. Although various third parties have made proprietary security extensions to Jini, until now the only security available to users of the standard Jini release is the security infrastructure of the Java platform. The Jini Community's Davis project is about to change that. Bob Scheifler is leading the development of the next release of Jini, in which security is the central concern, as part of the Davis project.

On Friday, April 12, 2002 Bill Venners visited the Sun Microsystems campus in Burlington, Massachusettes and interviewed Bob Scheifler, Sun Distinguished Engineer and architect in the Jini Group. In Part I of this interview, Scheifler discusses the need for security in Jini and the special security considerations of dynamically downloaded code. In this second installment of the interview, Scheifler discusses the mechanisms used to determine whether a proxy should be trusted.

Proxy Trust

Bill Venners: You mentioned that the three special security ramifications of downloaded code are mutual authorization, proxy trust, and object integrity. Why don't we go through these three aspects in more depth, starting with the second one you mentioned. How do I decide whether to trust a proxy?

Bob Scheifler: OK. Assume I have downloaded a service proxy from somewhere. I think it is proxy for some particular service that I have in mind, and now I must decide if I should trust it. The mechanism we have in place right now has two phases. One is that I can simply do a depth-first analysis of the proxy object.

Page 1 of 8  >>

Interviews | Print | Email | First Page | Previous | Next

Sponsored Links

Copyright © 1996-2018 Artima, Inc. All Rights Reserved. - Privacy Policy - Terms of Use