Personal computers are widely used in consumer and commercial environments. Personal computers include, but are not limited to, IBM.RTM. and IBM-compatible computers which operate in a Windows.RTM. or OS/2.RTM. environment. Personal computers can also include workstations operating in a Unix.RTM. or other environment. As is well known to those having skill in the art, a personal computer includes a central processing unit (also referred to as a "system unit") and a user interface that is responsive to user input and to the central processing unit. The user interface generally includes a display, a keyboard, and a pointing device such as a mouse. The personal computer also includes persistent storage such as a hard disk drive that stores programs and data. An operating system such as Windows 95.RTM., OS/2.RTM. or Unix.RTM. is also stored in the persistent storage. A plurality of applications programs such as computer games or an office suite are also generally stored in the persistent storage.
Personal computers also may include a network interface application that communicates with a server over a network. The network interface application may be an Internet interface that communicates with the Internet using HTTP or other protocols. Examples of network interface applications include Netscape.RTM. Navigator.RTM. and Microsoft.RTM. Internet Explorer.RTM..
As personal computers and their application programs become more sophisticated, it is becoming increasingly clear that their total cost of ownership, including hardware and software maintenance and upgrades, may be much larger than the initial cost of the hardware and software itself. In fact, up to $35,000 or more may be spent annually to maintain each personal computer in a corporate environment.
Network computers have been proposed in order to reduce this overall cost of ownership. Network computers generally do not require a user or administrator to install software on the computer. Rather, all software is loaded from a network server when the network computer is started or when needed during a session. The overall specifications for network computers are described in a document entitled Profile Definition: Network Computer, X/Open, Document Number: X975, published by The Open Group, Berkshire, UK (1997), the disclosure of which is hereby incorporated herein by reference. Network computers have presently been announced and/or shipped by IBM (Network Station model 8361), Sun Microsystems (JavaStation) and Neoware (model @ Workstation), as well as other vendors and models.
Programs for network computers are typically written in Java. As is well known to those having skill in the art, Java programs, in compiled form, are generally portable and will generally run on a wide range of computers and operating systems. Java programs support referencing Universal Resource Locator (URL) identifiers with content types of audio/basic, audio/x-wav, image/gif and image/jpeg. Java provides a machine dependent desktop for executing machine independent applications and applets.
Network computers are also known as "diskless computers" because they generally do not include persistent storage such as a floppy disk, hard disk or CD-ROM. Due to the lack of a disk, all programs and data, except for a small loading program, are obtained from the server.
FIG. 1 is a simplified block diagram of a network computer that is connected to a server using an Internet connection. As shown in FIG. 1, network computer 100 includes a central processing unit 102 (also referred to as a "system unit") and a user interface including a display 104, a keyboard 106, and a pointing device (mouse) 108. As also shown in FIG. 1, the network computer does not generally include persistent storage for storing programs and data. A limited amount of volatile storage such as Random Access Memory (RAM) may be used to temporarily store applications and data while the network computer is running, but this volatile storage loses its information when the network computer is turned off. The network computer may also include permanent storage such as Read Only Memory, which may store small programs and minimal configuration information to load the network computer operating system and other components of the load image from a server. The permanent storage may also include a base key which is used for security purposes.
Network computer 100 also includes a network interface 110 that allows the computer to communicate with a server 120 using a network such as the Internet 130. As shown in FIG. 1, server 120 generally includes Web, DNCP, NFS and TFTP servers 122. The server 120 also stores operating system images 124 and a Java Runtime Environment (JRE) 126. A Java desktop and other applications 128 may also be included. Other non-Java related applications 129 may also be included.
Operations of the network computer of FIG. 1 to load a Java application from the server 120 via the network 130 will now be described. A small program enabling the initial program load for the network computer generally resides in permanent memory on the network computer. A base key to authenticate a load image may also reside in the permanent memory. The network computer may not include persistent memory such as a hard disk, diskette drive or CD-ROM. Network configuration data is loaded from the server 120 via the network 130 including the address of the server 122 to be used to load the network computer operating system. The network computer operating system 124 is loaded from the server 120 over the network 130. A base key ring may be loaded from the server over the network as part of this process. Each piece of code that is loaded may be authenticated with the base key or a base key ring.
Then, a Java runtime environment 126 is loaded from the server via the network. A Java desktop 128 and initial Java applications are also loaded from the server to the network computer via the network. The network computer user can cause the Java desktop to load and run additional Java applications from the network 130. These applications may load and store data on the network server 120 using NFS file access or HyperText Transmission Protocol (HTTP) requests. They may also load additional Java classes for network servers.
Unfortunately, network computers may also have limitations. In particular, because network computers typically obtain all of their programming from the network, they generally start slowly. Program loading may also burden the network 130 with network traffic. Moreover, network computer support of existing computer applications, such as Windows-based applications, may be limited, slow and clumsy.
It is also known to use a conventional personal computer to run Java programs which reside on network servers. FIG. 2 is a simplified block diagram of a conventional personal computer 200 that runs Java programs that are obtained from server 220 over the Internet 130.
As shown in FIG. 2, personal computer 200 includes a central processing unit 202 also referred to as a system unit, and a user interface including a display 204, a keyboard 206 and/or a pointing device such as a mouse 208. In addition, personal computer 200 includes persistent storage 240 such as a hard disk drive. Although the hard disk drive is shown as being external to the central processing unit 202 for ease of illustration, it will be understood that the hard disk drive 240 is generally included within the central processing unit 202. Permanent memory such as Read Only Memory (ROM) and volatile memory such as Random Access Memory (RAM) are also generally included in central processing unit 202.
As described above, a personal computer can run Java programs which reside on network servers. In order to do so, a Java runtime environment 246 is generally installed on the personal computer. Typically, the Java runtime environment 246 is installed along with a web browser 244 such as Netscape.RTM. Navigator.RTM. or Microsoft.RTM. Internet Explorer.RTM.. The web browser can run on an operating system 242 along with other applications 248. In operation, the user starts the browser 244 and uses it to load a Java application 226 from server 220 via network 230. Other applications 228 and other server functions 224 may also be obtained.
In particular, as shown in FIG. 2, the personal computer operating system 242, device drivers and configuration information reside on the personal computer hard disk 240. The user or administrator installs and configures a web browser 244, a Java runtime environment 246 and a key ring file for web browser security on the hard disk 240. The web browser runtime environment is generally a large file, and configuration can be complicated.
In use, the user starts the browser 244. The user causes the browser to load a Java application 226 from the server 220 via the network 130. The application may be signed, and the signature may be checked for validity. The Java application 226 may load subsequent Java program files and data from the network. It may also have access to Java program files, data and key ring files on the local hard disk 240 depending on how the browser is configured and what security privileges are assigned to the application. Thus, data is generally stored on the local hard disk 240.
Unfortunately, Java application access via a personal computer web browser 244 generally provides only a small measure of the reduced cost of ownership, the increased security and the ease of use which is generally associated with true network computing. For example, the browser code and the corresponding Java runtime environment are generally large in size, so that the user may install and maintain 40 megabytes or more of code. Moreover, browsers and associated Java runtime environments can vary widely in function and behavior so that a given Java application may or may not work with a given browser. Also, existing Java runtime environments may permit and in some cases may require that user data, preferences and security information reside on the local hard disk 240. This information then is locally administered and backed up as necessary, usually by the user, and may not be accessible to that user on a different machine or on a network computer.
Additionally, while browsers provide storage and access of state information for sharing among Java applications, a standard interface is generally not provided for this function. There is also generally no standard and portable mechanism for Java applications that are loaded by browsers to access key rings. The keys in these files are used to verify the integrity of Java applications by checking the digital signature of the code, and are also used to establish secure network connections with various servers using the Secure Socket Layer (SSL) protocol or other techniques. Key rings are currently provided and maintained by web browsers, but their contents are generally not accessible to Java applications in a consistent or portable way. Accordingly, it may be difficult for Java applications loaded by web browsers to be completely secure.
In summary, personal computers may include a high cost of ownership even when running Java programs which reside on network servers. On the other hand, network computers may also have limitations and will likely not replace the large installed base of personal computers in the near future.