May 2001
Intermediate to advanced
618 pages
20h 50m
English
Content preview from Java Security, 2nd EditionBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Key Management in an Identity Scope
We’re now going to put together the identity scope with the information about the identity class to produce another key management system. One of the primary limitations of the default identity scope is that it’s based upon a single file. If you’re in a corporation, you may want to have an identity scope that encompasses the public keys of every employee in the corporation -- but you can’t afford to put the private keys of the employees in that database. Every employee needs read access to the database to obtain his or her own key; there’s no practical way with a single identity scope to prevent these users from reading each other’s private keys.
Hence, in this example, we’re going to develop an identity scope that provides for the architecture shown in Figure C-2.
There are two simple goals to this example:
There should be a central database (identity scope) managed by the system administrators of the XYZ Corporation. This database will hold the public keys of all identities that are used in the system, along with a security level that is assigned to each identity.
Each user should have a private database that holds the user’s private key. The user’s private key will be certified by the XYZ Corporation itself, so this private database will need to have the public key of the XYZ Corporation. We’ll make this scope the system scope so that it can encapsulate the knowledge that there are two scopes in use; to a program, it will appear as only a ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.