Trade-offs in a Secure Jini Service Architecture

  • Peer Hasselmeyer
  • Roger Kehr
  • Marco Voß
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1890)

Abstract

Jini is an infrastructure built on top of the mobile code facilities of the Java programming language enabling clients and services to spontaneously engage in arbitrary usage scenarios. For a small home or office environment the currently available infrastructure might be adequate, but for mission-critical applications it lacks essential security properties. In the sequel we identify weak points in the Jini architecture and its protocols and propose an extension to the architecture that provides a solution to the identified security problems. We describe the design choices underlying our implementation which aims at maximum compatibility with the existing Jini specifications.

References

  1. [BPSM98]
    Bray, T., Paoli, J., Sperberg-McQueen, C.M.: Extensible Markup Language XML 1.0. W3C (February 1998), Available at http://www.w3.org/TR/1998/REC-xml-19980210
  2. [CZH+99]
    Czerwinski, S., Zhao, B.Y., Hodes, T., Joseph, A., Katz, R.: An Architecture for a Secure Service Discovery Service. In: Fifth Annual International Conference on Mobile Computing and Networks (MobiCOM 1999), Seattle, WA (August 1999)Google Scholar
  3. [Gon98]
    Gong, L.: Java Security Architecture (JDK 1.2). Technical report, Sun Microsystems Inc. (October 1998)Google Scholar
  4. [Per99]
    Perlman, R.: An Overview of PKI Trust Models. IEEE Network 13(6), 38–43 (1999)CrossRefGoogle Scholar
  5. [Pop99]
    Popovici, A.: ITISSL - A Java 2 Implementation of the SSL API based on SSLeay/OpenSSL (1999), http://www-sp.iti.informatik.tu-darmstadt.de/itissl/
  6. [RG98]
    Rubin, A.D., Geer, D.E.: Mobile Code Security. IEEE Internet Computing 2(6), 30–34 (1998)CrossRefGoogle Scholar
  7. [Sun99a]
    Sun Microsystems Inc. Java Remote Method Invocation Security Extension (Early Look Draft 2) (September 1999)Google Scholar
  8. [Sun99b]
    Sun Microsystems Inc. Jini Architecure Specification – Revision 1.0.1 (November 1999)Google Scholar
  9. [Sun99c]
    Sun Microsystems Inc. Jini Discovery and Join Specification – Revision 1.0.1 (November 1999)Google Scholar
  10. [Sun99d]
    Sun Microsystems Inc. Jini Lookup Service Specification – Revision 1.0.1 (November 1999)Google Scholar
  11. [VGPK97]
    Veizades, J., Guttman, E., Perkins, C., Kaplan, S.: Service Location Protocol (SLP). Internet RFC 2165 (June 1997)Google Scholar
  12. [Wal99]
    Waldo, J.: The Jini Architecture for Network-centric Computing. Communications of the ACM 42(7), 76–82 (1999)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2000

Authors and Affiliations

  • Peer Hasselmeyer
    • 1
  • Roger Kehr
    • 1
  • Marco Voß
    • 1
  1. 1.Department of Computer ScienceDarmstadt University of Technology 

Personalised recommendations