Secure execution environment for Java electronic services
2002 (English)Licentiate thesis, monograph (Other academic)
Private homes are becoming increasingly connected to the Internet in fast and reliable ways. These connections pave the way for networked services, i.e. services that gain their value through their connectivity. Examples of such electronic services (e-services) are services for remote control of household appliances, home health care or infotainment.
Residential gateways connect the private home with the Internet and are the home access point and one execution platform for e-services. Potentially, a residential gateway runs e-services from multiple providers. The software environment of such a residential gateway is a Java execution environment where e-services execute as Java threads within the Java virtual machine. The isolation of these Java e-services from each other and from their execution environment is the topic of this thesis.
Although the results of this thesis can be applied to most Java servers-e.g. Javaenabled web browsers, web servers, JXTA, JINI-this work focuses on e-services for the private home and their execution platform. Security for the private home as a prerequisite for end user acceptance is the motivation for this approach.
This thesis establishes requirements that prevent e-services on the Java execution platform from harming other e-services on the same or other network nodes and that prevent e-services from harming their underlying execution environment. Some of the requirements can be fulfilled by using the existing Java sandbox for access control. Other requirements, concerned with availability of e-services and network nodes, need a modified Java environment that supports resource control and e-service-specific access control. While some of the requirements result in implementation guidelines for Java servers, and in particular for the e-service environment, other requirements have been implemented as a proof of concept.
Place, publisher, year, edition, pages
Linköping: Linköpings universitet , 2002. , 112 p.
Linköping Studies in Science and Technology. Thesis, ISSN 0280-7971 ; 991
Java, security, Residential Gateway, threads, resource control
IdentifiersURN: urn:nbn:se:liu:diva-24387Local ID: 6480ISBN: 91-7373-561-2OAI: oai:DiVA.org:liu-24387DiVA: diva2:244705
2002-12-12, Alan Turing, Hus E, Linköpings Universitet, Linköping, 10:15 (Swedish)