On Sun, 9 Feb 2003, Brill Pappin wrote:
> The system is really to be run on internal networks, but that won't make
> the security conscious happy...
You try to keep the security officers happy when the internal network has
30,000+ users. That's the size of one of the internal networks I'm using 4
days a week.
BTW, are we targetting J2ME phone connectivity to our embedlets? If so the
network won't be internal as GPRS providers in europe assign public IP
space for mobile phones.
> as for how sensitive the data actually is... I'm not sure...
For security officers all data is sensitive until proven otherwise.
> Anyway, I think we can get away with not implementing it for our
> prototypes, but I think its something that *is* a serious issue that we
> need to address.
We'd better make provisions right from the start. The prototypes might
contain null-security-providers, but it shows we've at least addressed the
issue. (And allows for easy extension of the prototypes for 'real' use)
Regards,
Jac
--
Jac Kersing Technical Consultant The-Box Development
j.k...@th... http://www.the-box.com
|
