Because scripts are mobile, security is an important part of the NetPebbles environment. NetPebbles uses a certificate-based scheme for security and access control. Trust among NetPebbles scripts, hosts, and components is established by authentication. Each NetPebbles script is associated with a principal that identifies a person or role. Each host is also associated with a principal. Each component is associated with a global package name and a manufacturer. Authentication is performed using public key certificates, and an authenticated NetPebbles script is transitively trusted by a chain of NetPebbles servers that have authenticated one another (delegation). NetPebbles scripts and components are transported over the SSL protocol, which ensures privacy and integrity. Components allow access by individual principals or by members of a group of principals. Access control information is advertised in the catalog so that NetPebbles can determine access rights before migrating to a host. We have implemented a prototype of our security infrastructure using Java Security APIs.
The NetPebbles runtime uses the certificate associated with the script to perform access control checks at runtime. An application is allowed to bind to components based on the access control fields specified in the component entry. The NetPebbles runtime also makes the principal of the script available to any component instance the script creates, so that the component can perform its own component-specific access control checks.
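
The bind decision described in the two paragraphs above (delegation chain first, then the principal and group fields of the catalog entry) can be sketched as follows. This is an added example, not NetPebbles code: `ComponentEntry`, `Hop`, `chainTrusted`, `mayBind` and all sample names are hypothetical, and certificate verification is reduced to a boolean per server.

```java
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.security.auth.x500.X500Principal;

public class CatalogAccessCheck {
    // Hypothetical catalog entry: the page names the package name, manufacturer
    // and access control fields, but not their concrete layout.
    record ComponentEntry(String packageName, String manufacturer,
                          Set<X500Principal> allowedPrincipals, Set<String> allowedGroups) {}

    // One server on the delegation path. 'authenticatedPrevious' stands in for the
    // outcome of public key certificate verification, which is not performed here.
    record Hop(X500Principal host, boolean authenticatedPrevious) {}

    // Trust is transitive only if every server is known and authenticated its predecessor.
    static boolean chainTrusted(List<Hop> chain, Set<X500Principal> knownHosts) {
        return !chain.isEmpty() && chain.stream()
                .allMatch(h -> h.authenticatedPrevious() && knownHosts.contains(h.host()));
    }

    // Deny by default; allow on a direct principal match or membership in an allowed group.
    static boolean mayBind(X500Principal script, List<Hop> chain, Set<X500Principal> knownHosts,
                           ComponentEntry entry, Map<String, Set<X500Principal>> groups) {
        if (!chainTrusted(chain, knownHosts)) return false;
        if (entry.allowedPrincipals().contains(script)) return true;
        return entry.allowedGroups().stream()
                .anyMatch(g -> groups.getOrDefault(g, Set.of()).contains(script));
    }

    public static void main(String[] args) {
        // Constructed sample data.
        X500Principal alice = new X500Principal("CN=alice,O=Example");
        X500Principal bob = new X500Principal("CN=bob,O=Example");
        X500Principal hostA = new X500Principal("CN=host-a,O=Example");
        X500Principal hostB = new X500Principal("CN=host-b,O=Example");
        Set<X500Principal> knownHosts = Set.of(hostA, hostB);
        Map<String, Set<X500Principal>> groups = Map.of("auditors", Set.of(bob));
        ComponentEntry entry = new ComponentEntry("com.example.report", "Example Corp",
                Set.of(alice), Set.of("auditors"));
        List<Hop> good = List.of(new Hop(hostA, true), new Hop(hostB, true));
        List<Hop> broken = List.of(new Hop(hostA, true), new Hop(hostB, false));

        System.out.println(mayBind(alice, good, knownHosts, entry, groups));   // direct principal
        System.out.println(mayBind(bob, good, knownHosts, entry, groups));     // via group
        System.out.println(mayBind(alice, broken, knownHosts, entry, groups)); // chain not authenticated
    }
}
```

Because the same fields are advertised in the catalog, the check can run before migration as well as at bind time on the destination host.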