river-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Firmstone <j...@zeus.net.au>
Subject Re: Towards Internet Jini Services (dos attacks) Smart Proxy Isolation
Date Sun, 03 Oct 2010 20:04:23 GMT
Sim IJskes - QCG wrote:
> On 10/03/2010 11:00 AM, Peter Firmstone wrote:
>> I've got some thoughts about how to isolate a smart proxy, please tell
>> me yours:
> Are you sure you want to go the technical way, almost adding a 
> function, missing from the VM and runtime libraries, just because you 
> want to download anything you want, and execute it immediately?

Because it's possible and will improve security, I think we should 
investigate it further, this could allow us to unmarshall the proxy and 
determine trust without changing the Jini Service model.  There's still 
Service UI to consider too, but that happens after determining trust.  
We need to be immune to DOS attacks during the period we're trying to 
determine trust.

> Isn't the general advice we give to people, think before you download, 
> and can't we extend this to jini?

This should still be the advice, for full functionality, some level of 
trust will be required.  If you were client of a service, the trust 
you'd have for NASA or a University, would be different to the trust 
you'd give a large corporation connected with advertising, or a poor 
history of leaking personal details.

I think we need some new feedback based services to assist with trust 

> I see many similarities to having a jini code clearinghouse and mobile 
> application appstores. I just don't want to limit peoples choices to 1 
> single appstore, and don't want to expose them to the naive keystore 
> model used for https, where 1 faulty certificate authority can 
> deteriorate the whole system.

I agree, I think we need pgp's web of trust, the infrastructure is 
available now, public key servers etc, the technology's proven.  The 
Bouncy Castle has a pgp provider we can plug in.



View raw message