Browse Prior Art Database

Providing a Protected Environment in a Server

IP.com Disclosure Number: IPCOM000118914D
Original Publication Date: 1997-Sep-01
Included in the Prior Art Database: 2005-Apr-01
Document File: 2 page(s) / 62K

Publishing Venue

IBM

Related People

Banks, AD: AUTHOR

Abstract

In a client server implementation, it is normal to avoid executing application code in the server as this compromises the integrity of the server. A result of this is that more crossings of the client/server firewall are required, as the two interact more than would be required if some of the application logic were executed in the server. This imposes severe limits on the performance of client server implementations.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 55% of the total text.

Providing a Protected Environment in a Server

      In a client server implementation, it is normal to avoid
executing application code in the server as this compromises the
integrity of the server.  A result of this is that more crossings of
the client/server firewall are required, as the two interact more
than would be required if some of the application logic were executed
in the  server.  This imposes severe limits on the performance of
client server  implementations.

      Relational databases often enable a stored procedure
environment in the server as a partial solution to this problem.
Transaction monitors, on the other hand, allow a restricted function
server environment for the application, in order to provide better
performance.

      The described solution uses the inherent protection provided
by the Java virtual machine and the Java language to isolate the
server from damage that might be caused to it by application code.
Two implementations are described:
  1.  Using the Java virtual machine to isolate the application
       (Fig. 1).
  2.  Using a Java class to isolate the application (Fig. 2).

Using the Java Virtual Machine to Isolate the Application:

      The Server (at the request of the client) creates an instance
of the Java virtual machine in its address space and hosts its
execution.  The application may use all of the resources of the
virtual machine but is prevented by the virtual machine from doing
anything else, p...