This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Secure Code Distribution
June 1997 (vol. 30 no. 6)
pp. 76-79

The Java Virtual Machine does not offer a way for code obtained from trusted sources to be granted extra rights. This article describes two approaches to authentification for code distribution: One extends the JVM to include a digital signature in applets; the other uses MIME encapsulation to take advantage of available security infrastructures.

The signed-applet approach gives a programmer more flexibility because it addresses the security issues at a more fundamental level. However, signed-applet security mechanisms may vary for different code distribution schemes, making integration difficult.

The MIME-based approach provides a unified security interface. It is more efficient in the sense that all classes can be encapsulated in one multipart attachment, and a single signature or verification operation will cover all classes.

The approaches can also be combined and tailored to satisfy various requirements. Ultimately, operating systems must support the concept of a secure compartment so that separate resource management policies can be implemented for the secure compartment and the rest of the system.

Citation:
X. Nick Zhang, "Secure Code Distribution," Computer, vol. 30, no. 6, pp. 76-79, June 1997, doi:10.1109/2.587552
Usage of this product signifies your acceptance of the Terms of Use.