Small mobile computing devices -- PDAs, cellphones, pagers -- are becoming prevalent. The old system architectures, based on fixed computers and peripherals, are no longer adequate. Federated service architectures will allow ever-changing collections of computers, mobile computing devices, and peripherals to discover each other's existence and make use of each other's services. Sun Microsystems' Java and Jini Connection Technology provide the infrastructure for federated service architectures. However, Java Remote Method Invocation (RMI) is not practical for invoking remote services involving small devices, and there is no defense against security threats such as unauthorized users performing remote service invocations, passive intruders learning sensitive information from remote service invocations, or active intruders replaying remote service invocations to disrupt the system.
In this talk I'll describe my recent work on Poor Man's Remote Method Invocation (PMRMI), a lightweight remote service invocation protocol based on UDP datagrams, that is suitable for small devices. I'll also describe my recent work on Secure PMRMI, which is PMRMI extended with encryption (to foil passive intruders and for authentication) and a challenge-response protocol (to foil active intruders). For encryption I am using the Rijndael block cipher, the recently-announced NIST Advanced Encryption Standard winner. I'll describe the Java implementation of Secure PMRMI and give a demonstration of Secure PMRMI in action.
Colloquia Series page.