<< Previous <<         [Session1 Index]            >> Next >>

Suppose John has written 2 programs that run on the same machine. Program A is a financial analysis program, which Sue wants to use to process her confidential data; Sue is the customer for the service provided by Program A. John would like his analysis program to send Sue's confidential data to Program B. Sue needs to ensure that Program A is confined. Java as currently defined cannot support this model of behavior: Java programs can communicate to other programs on the net, and so Java applets are disallowed from reading the user's data.

Furthermore, though not represented here, it is also important that Program A's proprietary algorithm not be exposed to Sue's other programs that manipulate her financial data. In the general case, then, the confinement needs to run both ways.