- From: Anders W. Tell <anderst@toolsmiths.se>
- Date: Mon, 22 May 2000 21:41:58 +0200
- To: Michael Condry <Michael.Condry@eng.sun.com>
- CC: xml-dist-app@w3.org, connolly@w3.org
Michael Condry wrote: > I made an earlier email comment about a "Lack of Sandbox". > > The point is the lack of ability to contain things with > an application level protocol that allows an general > execution engine (by the schema). This is nothing > to do with the Java Sandbox. One method of providing an extra level of sandboxing is to add an "interaction" model which both communicating parties must agree on, in addition to the "schema agreement". This interaction model may be defined ala UML or more formally in a specification language such as SDL (Specification and Description Language) which is recommeded by ITU. Another method I have implemented in XIOP, is a metamodel consisting of "encoding-stereotypes" (grove nodes, properties) and a set of "forms" (how nodes/properties are encoded in XML and other formats) So in XIOP the communicating parties agrees on sterotypes as defined by OMG IDL types and message interactions as defined by OMG GIOP transport specification. This type of metamodel increases the semantical content of each message and allows for other types of encoding formats suchs a binary ones. Together with the other Corba security concepts, authentication, credentials, confidentiality, integrity,access controll, audit it is an fairly far reaching sandbox from which many ideas can be considered for a W3C RPC protocol. Sooner or later the cat is out of box, and yes it better be when you trust yourself to handle the cat properly :) /anders -- /_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/ / Financial Toolsmiths AB / / Anders W. Tell / / WWW: <http://www.toolsmiths.se> / / XIOP: <http://xiop.sourceforge.net> / /_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/_/
Received on Monday, 22 May 2000 15:40:30 UTC