Sim IJskes - QCG wrote:
On 29-09-10 10:26, Zoltan Juhasz wrote:
I'll think about it a bit more and come back with issues. Let's discuss
where Jini should be heading on the Internet.
I think, there is no other direction than going internet. Currently
people and organisations like to make a simple distinction. LAN is safe,
internet is not. With the proliferation of trojans, and the knowledge to
writing them, the concept of a safe LAN is impossible te keep. So
instead of following the crowd with increasing investment in firewalls,
IDS technology to keep our LAN clean, we should jump in at the other
end. Expose our technology to the most dangerous environment possible.
The Internet! A jini enabled device should survive and maintain their
function, when deployed on the internet. We should create best practices
for internet deployment and work on the biggest hurdles right now, which
are:
- lack of broadcast capabilities
- firewalls
- trust relations
Another way of looking at it is "Towards Internet Jini Services, (why
not)".
The only way we are going to find out whether Jini is viable on the
Internet is to investigate it and see if there are any issues we cannot
solve. If there is a killer issue, knowing what it is, and hardening
Jini as much as we can, will tell us the minimum properties an intranet
needs to be a safe Jini environment. It would also provide a research
question that might be fed back into universities as a challenge for
security researchers.
I think the objective should be to either make it work, or understand
and be able to state exactly why it cannot be made to work.
Patricia
