Lucent brews Inferno

New combination language/OS has designs on network communications


But Inferno has no way of automatically preventing rogue programs from attacking your machine. Instead, it relies on trust in an authenticating authority that is believed to be reliable. An administrator must sign secure resources to guarantee their validity and behavior.

This approach works fine when there are only a few trusted programmers creating applets. But what happens when you have millions of programmers creating applets that are distributed around the world? Arthur van Hoff, one of the developers of Java and the current CTO of Marimba Inc., pointed out, "Security through encryption at some point involves trust, and that is really hard. It works if I can trust Microsoft, but if I visit a Web page from a student in Pakistan, do I trust it? If you build a language that has security only through encryption -- that is a losing battle.

"Who will be that certification authority?" van Hoff asked. "Do you trust everyone with a driver's license to drive your car? That works great if there are 10 drivers in the world, but...it breaks down when there are millions and millions of drivers because the [department of motor vehicles] cannot check everyone really thoroughly.

"A certification authority works great with a thousand software developers," van Hoff said, "but not 100 million -- and I want a world with 100 million Java programmers."

With Java, the encryption security APIs are in the process of being developed, but this does not mean they came as an afterthought. Marianne Mueller, a JavaSoft security expert, notes that security has been important to Java from its inception. "Incremental development is not the same as tacking it on after the fact. It is a reality of software that incremental development is the way things get built. I believe that doing small, incremental releases that stick to API compatibility is a sensible development path, and I would not describe it as tacking things on."

Encryption security was purposefully left out in the beginning, noted van Hoff, so that it would be easier to ship Java tools internationally without running into export restrictions on encryption. "Java is supposed to be a universal language, and to get universal export rights is hard. That is why we did not [employ] encryption in the first place."

At this point, security of Java applets is controlled by limiting the resources they can access, but that will change when digital signatures are incorporated into Java. Mueller explained, "Applets in general are not allowed to read and write to the local machine and the Net. With digital signatures, we will be able to loosen those restrictions, so applets can have unlimited authority. We are working on a more advanced architecture to support flexible security policies."

Comparing Limbo to Java

To relate the Java programming language to the Inferno environment, you must look at Lucent's Limbo language to make an apples-to-apples comparison. One advantage of Limbo is that concurrency and communication are built into the language. A "channel" is used to connect Limbo applications on the same machine or across a network. The channel transports its data in a machine-independent format, which enables complex data structures to be passed around or attached to files.
