Faculty Mentor:
Dr. Deepak Chahal
Student Name:
Shefali Nangia (MCA-II)
Ayushi Dogra (MCA-II)
ABSTRACT: This article talks about the Jini networking technology, initially developed by Sun Microsystems. It is an innovative technology useful for building reliable, fault-tolerant distributed applications. It allows to easily form networks to share services without previous planning, installation or administration effort, where new services can usefully join a network of other services.
As its programming model is basically, aSOA architecture so the most important concept in jini architecture is a service.
KEYWORDS: Technology, JINI, API, Computing, Model, Security.
1. INTRODUCTION
Jini technology, in simple terms is an attempt to re-think and re-define the old computer’s architecture, emphasizing more on network, wherein all the electrical devices in a particular network are made accessible and communicable with each other.
“Jini is a service-oriented architecture, based on distributed computing, that defines a programming model that both exploits and extends Java technology.”
Now, the term, Distributed Computing here refers to field of computer science that studies distributed systems that are being used in solving various computational problems. Wherein a distributed computing system environment, a problem is being divided into sub-tasks, each of which is solved by one or more independent systems.
Examples of distributed systems are massive multiplayer online games, peer-to-peer applications and SOA-based systems.
And Jini is one such service-oriented based architecture, which makes extensive use of the major java applications from single virtual machine to a network of machines.
In a Jini enabled environment, any user can plug in any kind of a device to the network and the other devices will automatically get to know about those newly added devices to the network. And all that needs to be done for achieving the same is, that all the pluggable devices needs to defined/registered immediately to the network device registry, so that whenever a user needs to access it, it’s system only needs to download the necessary programming to communicate with it, thereby, eliminating the need for having specific device drivers. Jini provides such mechanisms for devices, services, and users to join and detach from a network. And Joining and leaving a jini system has been made easy and natural often automatic.
As its programming model is basically, a service-oriented architecture so the most important concept in jini architecture is service. A Service is an entity that can be used by a person, a program, or another service. A service may be storage, a communication channel to another user, a hardware device, or another user.
Examples of services include- devices such as printers, displays or disks.
Hence, you can say that Jini helps you efficiently and effectively in building a much scalable and flexible network, well suited for distributed computing scenarios.
2. HISTORY OF JINI
Here, the word 'jini' means "the devil" in Swahili; this is borrowed from the Arabic word for a mythological spirit, originated from the Latin genius, which is also the origin of the English word 'genie'.
Jini Technology, can be referred to as a middleware, developed by Sun Microsystems, in July 1998. It provides its users, with a rich set of Application Programming Interfaces (APIs) and various protocols, along with a set of specifications and a starter kit, which includes the implementation of Jini Technology. And both of these are released under the open-source Apache 2.0 license.
And Jini Technology is also better known as “Apache River”.
2.1 Developers Of Jini
1. JIM WALDO, Lead Architect
2. BILL JOY, Lead Architect and co-founder of SunOS)
3. KEN ARNOLD, the designer of JavaSpaces™ technology.
4. ANN WOLLRATH, the inventor and designer for Java Remote Method Invocation (Java RMI)
5. BOB SHIEFLER, a principal of the X Consortium and designer of Lookup/Discovery.
3. JINI SYSTEM OVERVIEW
Jini’s lead architect, Jim Waldo claims that Jini Technology is not to be looked upon as a distributed system. It is simply a system defining a small, simple set of conventions allowing services and clients to form a flexible distributed system tolerant to changes in the environment. [1]
Jini’s various components can be broadly categorized as below:
3.1 The Infrastructure
The Jini’s infrastructure is its core and the Java Remote Method Invocation (RMI) system forms the foundation of the Jini infrastructure.
Integrated into Java RMI, helps in extending the Java platform's security model to the world of distributed systems.
Other than the Java RMI System, Jini comprises of the set of components that enables building a federated
3.1.1 The lookup service, serves as a repository of services. It helps in finding new services to the system. And all the entries in it are objects written strictly in the Java programming language.
3.1.2 The discovery and join protocols, is a service protocol that allow services, both hardware and software, to be discovered, and become a part of the association. Furthermore, there are more three discovery protocols, namely. The Multi-cast request protocol, used when an entity/device connected to the Jini network, wants to find lookup services on its local network.
The Multi-cast announcement protocol, used when a particular lookup service wants to announce its presence on the local network.
The Unicast discovery protocol, when a particular entity/device wants to connect with some specific lookup service
3.2 Programming Model
The infrastructure enables a Java-based programming model. Entries in the lookup service allows the lookup service to reflect accurately the set of currently available services. When services join or leave a lookup service, events are signaled, and objects that have registered interest in such events get notifications when new services become available or old services cease to be active.
3.2.1 The Clients and Services
In general, a Service is similar to objects in Java programming language. The Jini technology infrastructure and programming model are built to enable services to be offered and found in the network. These services make use of the infrastructure to make calls to each other, to discover each other, and to announce their presence to other services and users.
Examples of services in a network can be hardware implementations of Jini interfaces, software services in the form of distributed components and various combinations of them.
Fig. 1. Jini Services
4. JINI’S SECURITY
The Jini networking technology developed by Sun Microsystems, is an innovative technology for building reliable, fault-tolerant distributed applications. It allows to easily form networks to share services without previous planning, installation or administration effort. Though however, the actual Jini architecture lacks a strong security model.
Now, what are the security threats faced by Jini Technology?
First, there is a risk of the confidential information getting leaked to an unauthorized party, as that party has all the access to all the communication between the client and the service.
Second, there is no way you can prevent any unauthorized user from shutting down any service.
Third, there are chances of data being changed and manipulated by that unauthorized user party.
How can we control these security threats to a certain extent?
First, we need some access-control mechanisms to our local resources like hard disks, user information and machine file system from dangerous operations.
Second, Clients need to be authenticated to the system, so as their access rights for any given service can be controlled.
Third, some services should be made invisible to un-privileged/unauthorized users. Thus, a service-visibility controlling mechanism is required for the same.
And lastly, Services should be able to control what kind of operations are allowed and what not, based on the client identity.
4.1 Java Security Model
Presents the standard security concepts in the Java language. They are not directly related to Jini but some of these concepts may be useful for future integration with the Jini model.
Jini majorly lacks in security. Sun refers to the underlying security features of the Java programming language (JDK 1.2), which initially ensured that an un-trusted and possibly malicious application cannot gain access to system resources (the Java sandbox). And the standard security model, however, fails in providing all the necessary security requirements such as authentication of participating parties, communication protocols, confidentiality and integrity of data.
4.1.1 The Java Sandbox Model
The Java security model restricts running the downloaded code to itsown sandbox. Thus, the Java virtual machine allows for executing anun-trusted application in a safe environment.
The Java sandbox comprises of three main components: the class loader, the byte code verifier and the security manager.
4.1.2 Java Security Apis
Sun released a set of optional packages to support additional security features for the standard Java Security model, such as encryption, authentication and authorization. Since version 1.4.0, these packages are a core part of the Java 2 Software Development Kit (J2SDK) – Java Cryptography Extension (JCE) - provides tools to encrypt data and to ensure message integrity between the client and the lookup service, Java Secure Socket Extension (JSSE), Java Authorization and Authentication Service (JAAS). [4]
4.1.3 Java Policy Files
Policy files are nothing, but are rather static configuration files used by Java applications, so as to specify what permissions (access to a system resource) are given to Java code depending on its source (location), the signer of the code, or both and what not.
4.2 Centralized Jini Security Model
An extension to the Jini architecture, this enables secure lookup of services and trust establishment between the respective services and clients involved. It also further relies on an off-line central certification and authentication authority. In order to ease the administration of access rights, this restricts the visibility of services registered at the lookup service.
Two main components are added to the initial Jini infrastructure – Certification Authority (CA), -provides certificates for authentication of all participants (services and clients) and Capability Manager (CM), - a separate Jini service which administers a list of names and the associated access rights (capabilities) for each user.
Fig. 3 An overall architecture of centralized security model
4.3 Sun Solutions For Jini Services
Sun Microsystems proposed two solutions to secure Jini. The first attempt was the Remote Method Invocation (RMI) Extension which was intended to add security to RMI and to use those features to secure Jini. But this attempt went in all vain.
We will, however, present its initial objectives and the reasons of its rejection.
Now, the second attempt is the Davis Project, which is intended to build a security model for Jini and is actually in a development phase.
4.3.1 Remote Method Invocation (Rmi) Security Extension
This standard extension is identified by the Java Specification Request JSR 76. Even if the original specification was intended to add security to RMI, it is the basis for adding security to all types of remote services defined in terms of interfaces like Jini. It builds on JAAS (Java Authentication and Authorization Service) and defines a high-level API, where the implementation of cryptographic mechanisms and protocols are not exposed, so code written to the API is more portable.
The RMI Security Extension allows:
1. mutual authentication between the server and the client during remote calls
2. communication integrity
3. information confidentiality
4. delegation
Unfortunately, it was rejected for various reasons. The major reason being that specification was intended to add security to RMI in general and did not address any Jini issues in particular. For example, there were no ways introduced to control Jini services visibility.
The other approaches that can be used in securing Jini-based systems:
1. A De-Centralized Jini Security Model
2. An Authentication and Authorization architecture for Jini Services.
3. And various more.
5. CONCLUSION
Each of the components is extension of the Java language system and logically independent of each other.
One of the key aspects of Java is the ability to move code into a client that wants to use a particular service in an easy and safe way. With the Java virtual machine (JVM) offering a consistent environment in which Jini can exist the fact the fact that the underlying machines can vary considerably in structure and resources is of less importance. The possibility to first compile the code into object code and then move it to another machine enables the code to be loaded into a running process and therefore allowing new functions in a running program.
Of course, another important part of Java heavily drawn upon by Jini is its inherent safety e.g. referential integrity and type safety in conjunction with Java’s own security model.
6. REFERENCES
1. Johan Petrini and Henning Sundvall: “Distributed Systems Fall” 2002
2. Sun Microsystems:“Jini Architecture Specification”, 2001
3. https://river.apache.org/release-doc/2.2.2/specs/html/jini-spec.html
4. https://www.researchgate.net/publication
/220413811_Security_Solutions_for_Jini-Based_Applications
5. https://en.wikipedia.org/wiki/Jini