Thanks for the your answers. > > 4. If the answer to questions 1. and 2. is no (i.e. no security in kernel), > > would you rather develop security in each Container? > > Not sure what you mean by "Container" in this context. Typically we talk about > Merlin being a Container, but I assume you are thinking of something else.
In many systems I have looked at, a kernel typically starts several containers which in turn may start other containers/applications. The question is whether not to introduce security in kernel, but rather introduce it in higher level layers (with kernel as the lowest level layer)? If one thinks of a simple kernel (say a micro kernel), the kernel does not want to be doing too many things. it simply manages the higher level layers, but it is the responsibility of the higher level layers to take care of things like error management, security etc. I am not asserting this to be a fact, but rather ask you for your opinion? Best Regards -- Nader Aeinehchi Aasenhagen 66 E 2020 Skedsmokorset NORWAY Direct and Mobile +47 41 44 29 57 Tel (private): +47 64 83 09 08 Fax +47 64 83 08 07 www.aeinehchi.com ----- Original Message ----- From: "Niclas Hedhman" <[EMAIL PROTECTED]> To: "Avalon Developers List" <[EMAIL PROTECTED]> Sent: Saturday, April 03, 2004 12:11 PM Subject: Re: Secure Kernel in Merlin > On Saturday 03 April 2004 17:53, Nader Aeinehchi wrote: > > 1. Would it be an idea to build in security in default kernel? Are there > > any reasons not to build security in default kernel? 2. If the answer in > > question 1. is no, would it be an idea to develop a SecureKernel? > > We have made some various attempts at different security mechanism at > codelevel, leveraging the standard Java security mechanism, but there are > "issues" surfacing when we get to it at a detail level. > > It is a high-priority matter, since we need to sort this out prior to moving > on to Subject level seurity, i.e. leveraging the JAAS. > > > 3. If you were going to build security in kernel (either DefaultKernel or a > > SecureKernel), would you build it upon Java's security API > > (AccessController/SecurityManager, Policy, ProtectionDomain, JAAS etc) or > > would you rather build your own security component? > > As much as possible needs to be leveraged, since we are not in the position to > dissect the basic research underlying the security matters. Sun have done > that, and we can just harness their efforts. > > > 4. If the answer to questions 1. and 2. is no (i.e. no security in kernel), > > would you rather develop security in each Container? > > Not sure what you mean by "Container" in this context. Typically we talk about > Merlin being a Container, but I assume you are thinking of something else. > > Niclas > -- > +---------//-------------------+ > | http://www.bali.ac | > | http://niclas.hedhman.org | > +------//----------------------+ > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
