O'Reilly logo

J2EE™ Security for Servlets, EJBs and Web Services: Applying Theory and Standards to Practice by Pankaj Kumar

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 4. PKI with Java

Public key cryptography alone is not sufficient for realizing the security services of data integrity, confidentiality, identification, authentication and non-repudiation. Think of this simple scenario: Alice wants to send a message to Bob for his eyes only and with the assurance that the message is from her only and no one else. To accomplish this, she signs the message with her private key and encrypts the signed message with Bob's public key. On receipt of the encrypted message, Bob decrypts it using his private key and verifies the signature with Alice's public key. As only Bob could decrypt the message, neither Alice nor Bob has to worry about someone else intercepting and reading it. Also, Alice's signature, verified ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required