<< Previous <<
[Session1 Index]
>> Next
>>
Suppose John has written 2 programs that run on the same machine. Program
A is a financial analysis program, which Sue wants to use to process her
confidential data; Sue is the customer for the service provided by Program
A. John would like his analysis program to send Sue's confidential data to
Program B. Sue needs to ensure that Program A is confined. Java as
currently defined cannot support this model of behavior: Java programs can
communicate to other programs on the net, and so Java applets are disallowed
from reading the user's data.
Furthermore, though not represented here, it is also important that Program
A's proprietary algorithm not be exposed to Sue's other programs that manipulate
her financial data. In the general case, then, the confinement needs to run
both ways.