When to Trust Mobile Objects: Access Control in the Jini(tm) Software System

Santa Barbara, California August 01-August 05

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/TOOLS.1999.787541

Technology of Object-Oriented Languag ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Charles Crichton Articles by Jim Davies Articles by Jim Woodcock

	ASCII Text	x
	Charles Crichton, Jim Davies, Jim Woodcock, "When to Trust Mobile Objects: Access Control in the Jini(tm) Software System," Technology of Object-Oriented Languages, International Conference on, pp. 116, Technology of Object-Oriented Languages and Systems, 1999.

	BibTex	x
	@article{ 10.1109/TOOLS.1999.787541, author = {Charles Crichton and Jim Davies and Jim Woodcock}, title = {When to Trust Mobile Objects: Access Control in the Jini(tm) Software System}, journal ={Technology of Object-Oriented Languages, International Conference on}, volume = {0}, year = {1999}, isbn = {0-7695-0278-4}, pages = {116}, doi = {http://doi.ieeecomputersociety.org/10.1109/TOOLS.1999.787541}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Technology of Object-Oriented Languages, International Conference on TI - When to Trust Mobile Objects: Access Control in the Jini(tm) Software System SN - 0-7695-0278-4 SP EP A1 - Charles Crichton, A1 - Jim Davies, A1 - Jim Woodcock, PY - 1999 KW - Jini KW - Java KW - remote method invocation KW - marshalled objects KW - access control KW - security VL - 0 JA - Technology of Object-Oriented Languages, International Conference on ER -

Charles Crichton, Oxford University

Jim Davies, Oxford University

Jim Woodcock, Oxford University

Future developments in computing, and in consumer electronics, will involve a considerable degree of convergence: applications will work together to locate and provide services. If this convergence is to be implemented successfully, then a shared model for reliable service provision is required.The recently-released Jini(tm) Software System (1.0) is an attempt to meet this requirement through object-orientation. Based entirely upon existing Java(tm) 2 technology, Jini is a set of protocols and programming models for peer-to-peer service provision using downloaded code and remote method invocation.This paper examines the way in which the Jini Software System will be used. It shows that the existing mechanisms for access control and secure operation provided by Java may prove inadequate in a Jini environment: a Jini-enabled device will be vulnerable to attack from its peers. Similar problems may be encountered in other, related technologies, such as Enterprise Java Beans.An account of the Jini technology is followed by an exploration of the inadequacies and vulnerabilities; concrete examples are provided to illustrate the possible attacks. The paper ends by showing how the existing specification may be enhanced to produce a secure system without significantly reducing either functionality or flexibility.

Index Terms:

Jini, Java, remote method invocation, marshalled objects, access control, security

Citation:

Charles Crichton, Jim Davies, Jim Woodcock, "When to Trust Mobile Objects: Access Control in the Jini(tm) Software System," tools, pp.116, Technology of Object-Oriented Languages and Systems, 1999

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.