As computers have become more integral to contemporary society, the risks of information theft, malicious attacks and the like have increased. As a result, significant efforts have been devoted to improving computer security.
For example, most modern operating systems and runtime environments implement some form of a security architecture that limits the types of operations that certain users and certain programs can perform in a computer, e.g., operations such as reading certain data, writing certain data, executing certain programs, etc. Often, such security architectures rely on policies that apply to users, programs and other entities, and define the permissions or rights that have been granted to such entities.
The JAVA programming environment, in particular, has a significant concern for controlling security due to the portable nature of JAVA programs. JAVA is a type of object-oriented programming language where a JAVA program, e.g., a JAVA application or JAVA applet, is defined by one or more classes that define templates for the objects that are created during the execution of a JAVA application or applet. JAVA employs a write once, run anywhere approach where a JAVA program that is compiled into a platform independent format commonly known as byte code can be deployed and installed into any computer having a compatible JAVA virtual machine (JVM) runtime environment. As a result, JAVA programs are frequently distributed over the Internet or another network to large numbers of users, and are potential vehicles for malicious attacks by third parties.
JAVA defines a security architecture that generally maps a set of permissions to a JAVA program based upon a policy defined for the program. One limitation that has been encountered in connection with the JAVA security architecture, however, is that each policy is correlated with an entire code base, or code source, such that all of the classes in a particular code base will be granted the same access permissions. Put another way, code bases define the basic protection domains for the JAVA security architecture, and as a result, policies are code base-correlated.
A code base, in this context, is a collection of related classes from a JAVA program. Compilation of a JAVA program into a byte code format typically results in the generation of individual class files for each compiled class. Often, to facilitate the distribution of a JAVA program, all of the class files therefor are bundled together in a single, compressed file, referred to as a JAVA Archive (JAR) file. For the purposes of JAVA security, an entire JAR file forms a single code base, and thus a single protection domain. As a result, all of the classes in a given JAR file are conventionally mapped to the same policy and granted the same access permissions by the JAVA security architecture.
To grant different access permissions to different classes in a JAVA program, a developer typically must place the classes in different JAR files, and assign separate policies to the different JAR files. However, it is typically desirable to limit a JAVA program to a single JAR file whenever possible to facilitate easy distribution. As a result, a need has arisen in the art for a manner of enabling different classes in a JAVA program to be granted different access permissions without requiring those classes to be split up into multiple JAR files.
Furthermore, another limitation encountered with the JAVA security architecture is the static nature of the access permissions applied to a JAVA program. In a conventional JAVA environment, for example, policies are created during development. As of deployment or installation time, i.e., whenever a JAVA program is installed into a runtime environment, the access permissions for a given JAVA program are static and immutable. Consequently, a JAVA program will typically be granted the same access permissions regardless of the specific environment within which the program is installed. In some applications, however, it may be desirable to adjust the access permissions of a JAVA program to accommodate specific characteristics of a given environment. A need therefore has also arisen for a manner of enabling access permissions for a JAVA program to be modifiable to better accommodate different environments.