The gateway security model in the Java Electronic Commerce Framework

  • Theodore Goldstein
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1318)


This paper describes an extension to the current Java security model called the “Gateway” and why it was necessary to create it. This model allows secure applications, such as those used in electronic commerce, to safely exchange data and interoperate without compromising each individual application's security. The Gateway uses digital signatures to enable application programming interfaces to authenticate their caller. JavaSoft is using the Gateway to create a new integrated open platform for financial applications called Java Electronic Commerce Framework. The JECF will be the foundation for electronic wallets, point of sale terminals, electronic merchant servers and other financial software. The Gateway model can also be used for access control in many multiple application environments that require trusted interaction between applications from multiple vendors. These applications include browsers, servers, operating systems, medical systems and smartcards.


Financial Institution Security Model Electronic Commerce Address Space Security Manager 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [Agorics96]
    Agorics Inc., September 15 1996.Google Scholar
  2. [Bertis 80]
    V. Bertis. Security and Protection of Data in the IBM System/38 in Proceedings of the 7th Symposium on Computer Architecture,. May 1980.Google Scholar
  3. [DH66]
    J. B. Dennis and E. C. Van Hom, Programming Semantics for Multiprogrammed Computations. Communications of the ACM 9(3), March 1966.Google Scholar
  4. [GHJV95]
    E. Gamma, R. Helm, R. Johnson, J. Vlissides, Design Patterns, Elements of Object-Oriented Software, Addison Wesley 1995.Google Scholar
  5. [Gosling96]
    J. Gosling, W. N. Joy, F. Yellin; The Java Programming Language Addison Wesley 1996.Google Scholar
  6. [GR83]
    A Goldberg, D Robson, The Smalltalk-80 Language, Addison Wesley 1983.Google Scholar
  7. [HPM93]
    G. Hamilton, M. Powell, J. Mitchell Subcontract: A Flexible Base for Distributed Computing. Symposium on Operating Systems PrinciplesGoogle Scholar
  8. [Hamilton 96]
    K.G. Hamilton, The Java Beans Specification, Scholar
  9. [JECF96] Scholar
  10. [MV96]
    MasterCard/Visa Secure Electronic Transaction Protocol Specification (S.E.T.), and Scholar
  11. [Mueller 96]
    M. Mueller, The Java Security Model, Scholar
  12. [OMG95]
    Object Management Group, The Common Object Request Broker, Scholar
  13. [WCCJRPP74]
    W. Wulf, E. Cohen, W. Corwin, A. Jones, R. Levin, C. Pierson, and F. Pollack. Hydra: The Kernel of a Multiprocessor Operating System, Communications of the ACM 17(6), June 1974.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1997

Authors and Affiliations

  • Theodore Goldstein
    • 1
  1. 1.Sun Microsystems Laboratories / JavaSoftUSA

Personalised recommendations