Jump to: navigation, search

Security: Requirements

Document for collecting Security requirements

Requirements

  • Support plugging JCA/JCE classes into the platform dynamically via services or extensions
  • Use Java-standard APIs like KeyStore, CertStore, etc. where appropriate for Key management
  • Support login to the platform
  • Run with a fully-integrated SecurityManager
  • Define domain specific Permissions for eclipse concepts (e.g. ViewPermission, ActionPermission) and make
  • Find a way to run non trusted plug-ins in a sandbox
  • Make EMF generated code secure: define model specific permissions and use them in the generated code