O'Reilly logo

Inside Java™ 2 Platform Security: Architecture, API Design, and Implementation, Second Edition by Mary Dageforde, Gary Ellison, Li Gong

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

5.4. Security Policy

The security behavior of a Java runtime environment is specified by the security policy in effect during runtime. In abstract terms, the security policy is a typical access control matrix that says what system resources can be accessed, in what fashion, and under what circumstances. For example, one entry in the matrix shown in Figure 5.2 says something like, “When running an applet downloaded from http://java.sun.com, allow it to read the file x.” More specifically, a security policy is a mapping from a set of properties that characterize running code to a set of access permissions granted to the code.

Figure 5.2. Policy matrix

In J2SE, the expression of policy is declarative in nature, that is, nonprogrammatically ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required