Browse Prior Art Database

Method and Process for restricting usage of SPI implementations to approved implementations

IP.com Disclosure Number: IPCOM000244586D
Publication Date: 2015-Dec-23
Document File: 2 page(s) / 137K

Publishing Venue

The IP.com Prior Art Database

Abstract

Use of 3rd Party implementations of SPI (Service Provider Interfaces) can be a risk to the infrastructure. The solution disclosed provides a mechanism to verify that an implementation of an interface meets all the requirements of the SPI. Once the implementation is proven a mechanism is provided to allow the implementation to identify itself as an approved implementation. This avoids the problem of rogue SPI implementations causing damage to the application or damaging the reputation of the company. This process is similar to the signing of drivers performed by some companies but takes place in an open environment.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 57% of the total text.

Page 01 of 2

Method and Process for restricting usage of SPI implementations to approved implementations

Use of 3rd Party implementations of SPI (Service Provider Interfaces) can be a risk to a company's infrastructure. The solution disclosed provides a mechanism to verify that an implementation of an interface meets all the requirements of the SPI. Once the implementation is proven a mechanism is provided to allow the implementation to identify itself as an approved implementation. This avoids the problem of rogue SPI implementations causing damage to the application or damaging the reputation of the company. This process is similar to the signing of drivers performed by some companies but takes place in an open environment. Background

    This work is an extension of JUnit-contracts (http://www.drdobbs.com/testing/simplifying-contract-testing/240167128) and depends upon features of the test suite code found at https://github.com/Claudenw/junit-contracts/tree/master/junit.

It also utilises standard public/private key facilities.

It is similar, in some respects to Java code signing, but is different in that the Java security manager is not involved in the process and that use of the java language is not required.

Basic outline of usage
SPI Developer Actions

Developers of the SPI develop a Contract test for the SPI as per normal Contract


1.

test development standards.

Implementers of the SPI utilise the Contract test to verify that their


2.

implementation meets the contract for SP...