By Topic

Secure code distribution

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
X. N. Zhang ; 955 Escalon Avenue, Sunnyvale, CA, USA

The Java Virtual Machine does not offer a way for code obtained from trusted sources to be granted extra rights. The article describes two approaches to authentification for code distribution: one extends the JVM to include a digital signature in applets; the other uses MIME encapsulation to take advantage of available security infrastructures. The signed-applet approach gives a programmer more flexibility because it addresses the security issues at a more fundamental level. However, signed-applet security mechanisms may vary for different code distribution schemes, making integration difficult. The MIME-based approach provides a unified security interface. It is more efficient in the sense that all classes can be encapsulated in one multipart attachment, and a single signature or verification operation will cover all classes. The approaches can also be combined and tailored to satisfy various requirements. Ultimately, operating systems must support the concept of a secure compartment so that separate resource management policies can be implemented for the secure compartment and the rest of the system

Published in:

Computer  (Volume:30 ,  Issue: 6 )