Java Virtual Machine Specification
Java Virtual Machine Specification
EMail With A Mind of Its Own: The Safe-Tcl Language for Enabled Mail
Proceedings of the IFIP TC6/WG6.5 International Conference on Upper Layer Protocols, Architectures and Applications
Java Security: From HotJava to Netscape and Beyond
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Proceedings of the conference on TRI-Ada '97
Security issues surrounding programming languages for mobile code: JAVA vs. Safe-Tcl
ACM SIGOPS Operating Systems Review
Design of Extensible Component-Based Groupware
Computer Supported Cooperative Work
Towards Secure Downloadable Executable Content: The Java Paradigm
SAFECOMP '98 Proceedings of the 17th International Conference on Computer Safety, Reliability and Security
A review of information security issues and respective research contributions
ACM SIGMIS Database
A mobile-based marketing information management system
CBMS'03 Proceedings of the 16th IEEE conference on Computer-based medical systems
Optimal assignment of mobile agents for software authorization and protection
Computer Communications
ADoCSI: towards a transparent mechanism for disseminating Certificate Status Information
Computer Communications
Hi-index | 4.10 |
The Java Virtual Machine does not offer a way for code obtained from trusted sources to be granted extra rights. This article describes two approaches to authentification for code distribution: One extends the JVM to include a digital signature in applets; the other uses MIME encapsulation to take advantage of available security infrastructures. The signed-applet approach gives a programmer more flexibility because it addresses the security issues at a more fundamental level. However, signed-applet security mechanisms may vary for different code distribution schemes, making integration difficult. The MIME-based approach provides a unified security interface. It is more efficient in the sense that all classes can be encapsulated in one multipart attachment, and a single signature or verification operation will cover all classes. The approaches can also be combined and tailored to satisfy various requirements. Ultimately, operating systems must support the concept of a secure compartment so that separate resource management policies can be implemented for the secure compartment and the rest of the system.