Extending Jini with Decentralized Trust Management

Decentralized Trust Management, originally introduced by the PolicyMaker and SDSI prototypes, and currently promoted at least by the KeyNote2, SPKI, and TeSSA development efforts, provides a means of distributed authorization that seems to be especially suitable for distributed object systems and agent based systems. In this paper we introduce the SIESTA project, which studies how to integrate the ideas of decentralized trust management to the Jini environment. The focus of the functionality is on the use of SPKI certificates to secure Jini services. Controlling untrusted code is also an important issue because to use a Jini service one has to rely on proxy code loaded from the network. The resulting system allows decentralized authorization and trust management of Jini-based services and applications.