Secure code distribution
- 1 June 1997
- journal article
- Published by Institute of Electrical and Electronics Engineers (IEEE) in Computer
- Vol. 30 (6) , 76-79
- https://doi.org/10.1109/2.587552
Abstract
The Java Virtual Machine does not offer a way for code obtained from trusted sources to be granted extra rights. This article describes two approaches to authentification for code distribution: One extends the JVM to include a digital signature in applets; the other uses MIME encapsulation to take advantage of available security infrastructures. The signed-applet approach gives a programmer more flexibility because it addresses the security issues at a more fundamental level. However, signed-applet security mechanisms may vary for different code distribution schemes, making integration difficult. The MIME-based approach provides a unified security interface. It is more efficient in the sense that all classes can be encapsulated in one multipart attachment, and a single signature or verification operation will cover all classes. The approaches can also be combined and tailored to satisfy various requirements. Ultimately, operating systems must support the concept of a secure compartment so that separate resource management policies can be implemented for the secure compartment and the rest of the system.Keywords
This publication has 4 references indexed in Scilit:
- Java security: from HotJava to Netscape and beyondPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2002
- MIME E-mail Encapsulation of Aggregate Documents, such as HTML (MHTML)Published by RFC Editor ,1997
- The MIME Multipart/Related Content-typePublished by RFC Editor ,1997
- MIME (Multipurpose Internet Mail Extensions) Part One: Mechanisms for Specifying and Describing the Format of Internet Message BodiesPublished by RFC Editor ,1993