Gateway Security Model

Ted Goldstein

Chief Java Commerce Officer

JavaSoft

Overview

Goal: Electronic Commerce in our Lifetime

Client-side Platform for Commerce

Payment

Customer Service

Requirements for a Trustable (not Secure) Foundation

What else would you want?

Non requirements

What alternatives?

Java Provides a Good Foundation for Commerce

The Java Phenomena

All in the last 24 Internet years (24 months)

Existing Java Applet Model

Sandbox Security Model

Applets of unknown origin are restricted from doing dangerous operations

Signed applets are allowed access to read & write to the disk, network

Integrity of Java language

Necessary assumptions

Development Integrity

Object Integrity is preserved

Java closes the loopholes

JECF provides APIs to meet the Requirements of Commerce

Consumer Centered Wallet User Interface

Extension by Dynamic Cassette Installation

Framework Architecture

Merchant Applet Layer

Cassette Layer

Wallet Foundation Layer

Security

Need a fine-grain model like Capabilities

Gateway Security Model

  • Gateway is an OO Pattern [GHJV 95]
  • Uses digital signatures for authenticating access to individual Java objects
  • Assists implementing contracts

Home Banking and Tax Reporting Application

Capabilities in Java

Gates are authentication methods

Permits are objects returned by the gate

Roles are a signature

Ticket is a use-once token of the capabilities

Using a Gate

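// Obtain a ticket, then present it at the gate.
Ticket me = MyTicketFactory.create();
try {
    // The gate returns a permit only if the ticket is accepted.
    HomeBankingPermit permit = HomeBanking.open_for_tax_reporting(me);
} catch (RoleViolationException e) {
    // error handling
    ...
}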

Implementing a Gate

HomeBankingPermit open_for_tax_reporting(Ticket t)
    throws RoleViolationException
{
    // Issue a permit only if the ticket passes the public-key check.
    if (MyHomeBankingPublicKey.stamp(t))
        return new HomeBankingPermit();
    else
        throw new RoleViolationException();
}
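
The gate above, worked through as an added example (not code from the slides or from JECF): the ticket is modelled as a random nonce signed with the role's private key, and the gate also enforces the use-once property. The Ticket layout, createTicket, HomeBankingGate and the SHA256withRSA choice are assumptions; Java 17 or later is assumed.

```java
import java.security.*;
import java.util.*;

public class GateDemo {
    // Hypothetical types: the slides name these but do not define them.
    record Ticket(byte[] nonce, byte[] signature) {}
    static final class HomeBankingPermit {}
    static class RoleViolationException extends Exception {}

    static final class HomeBankingGate {
        private final PublicKey roleKey;                    // the role is a signature key
        private final Set<String> spent = new HashSet<>();  // nonces already redeemed
        HomeBankingGate(PublicKey roleKey) { this.roleKey = roleKey; }

        synchronized HomeBankingPermit open_for_tax_reporting(Ticket t)
                throws RoleViolationException, GeneralSecurityException {
            Signature v = Signature.getInstance("SHA256withRSA");
            v.initVerify(roleKey);
            v.update(t.nonce());
            // Reject tickets not signed by the role, then tickets already used once.
            if (!v.verify(t.signature()) || !spent.add(HexFormat.of().formatHex(t.nonce())))
                throw new RoleViolationException();
            return new HomeBankingPermit();
        }
    }

    // Assumed ticket factory: a fresh random nonce signed with the role's private key.
    static Ticket createTicket(PrivateKey roleKey) throws GeneralSecurityException {
        byte[] nonce = new byte[16];
        new SecureRandom().nextBytes(nonce);
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(roleKey);
        s.update(nonce);
        return new Ticket(nonce, s.sign());
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair taxRole = kpg.generateKeyPair();  // constructed demo keys
        KeyPair other = kpg.generateKeyPair();
        HomeBankingGate gate = new HomeBankingGate(taxRole.getPublic());
        Ticket me = createTicket(taxRole.getPrivate());
        System.out.println("first use: " + (gate.open_for_tax_reporting(me) != null));
        for (Ticket t : List.of(me, createTicket(other.getPrivate()))) {  // replay, wrong role
            try { gate.open_for_tax_reporting(t); System.out.println("unexpected permit"); }
            catch (RoleViolationException e) { System.out.println("rejected"); }
        }
    }
}
```

The signature is checked before the nonce is recorded, so a forged ticket cannot mark a legitimate nonce as spent.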

Layers of Security in Java Commerce Framework

JECF Business Strategy

More Information

Papers, Email and Contact Info:

http://java.sun.com/commerce

Partner Information

commerce@java.sun.com