Book description
Java's most striking claim is that it provides a secure programming environment. However, despite lots of discussion, few people understand precisely what Java's claims mean and how it backs up those claims. Java Security is an in-depth exploration aimed at developers, network administrators, and anyone who needs to work with or understand Java's security mechanisms. It discusses in detail what security does and doesn't mean, what Java's default security policies are, and how to create and implement your own policies. In doing so, Java Security provides detailed coverage of security managers, class loaders, the access controller, and much of the java.security package. It discusses message digests, certificates, and digital signatures, showing you how to use Java's facilities for signing classes or to implement your own signature facility. It shows you how to write a class loader that recognizes signed classes, verifies the signature, and cooperates with a security manager to grant additional privileges. It also discusses the problem of managing cryptographic keys and shows you how to implement your own key management systems. Java Security is an essential book for everyone using Java in real-world software. If you're deploying software written in Java, you need to know how to grant your classes the privileges they need, without granting privileges to untrusted classes. You need to know how to protect your systems against intrusion and corruption. Java provides the tools; this book shows you how to use them.
Publisher resources
Table of contents
-
Java Security
- Preface
- 1. Java Application Security
- 2. Java Language Security
- 3. Java Class Loaders
- 4. The Security Manager Class
- 5. The Access Controller
-
6. Implementing Security Policies
- Protected Methods of the Security Manager
- Security Managers and the Class Loader
- Implementation Techniques
- Running Secure Applications
- Summary
- 7. Introduction to Cryptography
- 8. Security Providers
- 9. Message Digests
- 10. Keys and Certificates
- 11. Key Management
- 12. Digital Signatures
- 13. Encryption
- A. Security Tools
- B. Identity-Based Key Management
- C. Security Resources
-
D. Quick Reference
-
Package java.security
- Class java.security.AccessControlContext
- Class java.security.AccessController
- Class java.security.AlgorithmParameterGenerator
- Class java.security.AlgorithmParameterGeneratorSpi
- Class java.security.AlgorithmParameters
- Class java.security.AlgorithmParametersSpi
- Class java.security.AllPermission
- Class java.security.BasicPermission
- Class java.security.CodeSource
- Class java.security.DigestInputStream
- Class java.security.DigestOutputStream
- Interface java.security.Guard
- Class java.security.GuardedObject
- Class java.security.Identity
- Class java.security.IdentityScope
- Interface java.security.Key
- Class java.security.KeyFactory
- Class java.security.KeyFactorySpi
- Class java.security.KeyPair
- Class KeyPairGenerator
- Class KeyPairGeneratorSpi
- Class java.security.KeyStore
- Class java.security.MessageDigest
- Class java.security.MessageDigestSpi
- Class java.security.Permission
- Class java.security.PermissionCollection
- Class java.security.Permissions
- Class java.security.Policy
- Interface java.security.Principal
- Interface java.security.PrivateKey
- Class java.security.ProtectionDomain
- Class java.security.Provider
- Interface java.security.PublicKey
- Class java.security.SecureClassLoader
- Class java.security.SecureRandom
- Class java.security.Security
- Class java.security.SecurityPermission
- Class java.security.Signature
- Class java.security.SignatureSpi
- Class java.security.SignedObject
- Class java.security.Signer
- Class java.security.UnresolvedPermission
- Package java.security.cert
-
Package java.security.interfaces
- Interface java.security.interfaces.DSAKey
- Interface java.security.interfaces.DSAKeyPairGenerator
- Interface java.security.interfaces.DSAParams
- Interface java.security.interfaces.DSAPrivateKey
- Interface java.security.interfaces.DSAPublicKey
- Interface java.security.interfaces.RSAPrivateKey
- Interface java.security.interfaces.RSAPublicKey
-
Package java.security.spec
- Interface java.security.spec.AlgorithmParameterSpec
- Class java.security.spec.DSAParameterSpec
- Class java.security.spec.DSAPrivateKeySpec
- Class java.security.spec.DSAPublicKeySpec
- Class java.security.spec.EncodedKeySpec
- Interface java.security.spec.KeySpec
- Class java.security.spec.PKCS8EncodedKeySpec
- Class java.security.spec.RSAPrivateKeySpec
- Class java.security.spec.RSAPublicKeySpec
- Class java.security.spec.X509EncodedKeySpec
-
Package javax.crypto
- Class javax.crypto.Cipher
- Class javax.crypto.CipherInputStream
- Class javax.crypto.CipherOutputStream
- Class javax.crypto.CipherSpi
- Class javax.crypto.KeyAgreement
- Class javax.crypto.KeyAgreementSpi
- Class javax.crypto.KeyGenerator
- Class javax.crypto.KeyGeneratorSpi
- Class javax.crypto.NullCipher
- Class javax.crypto.SealedObject
- Interface javax.crypto.SecretKey
- Class javax.crypto.SecretKeyFactory
- Class javax.crypto.SecretKeyFactorySpi
- Package javax.crypto.interfaces
-
Package javax.crypto.spec
- Class javax.crypto.spec.DESKeySpec
- Class javax.crypto.spec.DESedeKeySpec
- Class javax.crypto.spec.DHGenParameterSpec
- Class javax.crypto.spec.DHParameterSpec
- Class javax.crypto.spec.DHPrivateKeySpec
- Class javax.crypto.spec.DHPublicKeySpec
- Class javax.crypto.spec.IvParameterSpec
- Class javax.crypto.spec.PBEKeySpec
- Class javax.crypto.spec.PBEParameterSpec
-
Miscellaneous Packages
- Class java.awt.AWTPermission
- Class java.io.FilePermission
- Class java.io.SerializablePermission
- Class java.lang.ClassLoader
- Class java.lang.RuntimePermission
- Class java.lang.SecurityManager
- Class java.lang.reflect.ReflectPermission
- Class java.net.NetPermission
- Class java.net.SocketPermission
- Class java.net.URLClassLoader
- Class java.rmi.RMISecurityManager
- Class java.rmi.server.RMIClassLoader
- Class java.util.PropertyPermission
-
Package java.security
- Index
- Colophon
Product information
- Title: Java Security
- Author(s):
- Release date: May 1998
- Publisher(s): O'Reilly Media, Inc.
- ISBN: 9781565924031
You might also like
book
40 Algorithms Every Programmer Should Know
Learn algorithms for solving classic computer science problems with this concise guide covering everything from fundamental …
book
Head First Design Patterns, 2nd Edition
You know you don’t want to reinvent the wheel, so you look to design patterns—the lessons …
book
Software Engineering at Google
Today, software engineers need to know not only how to program effectively but also how to …
book
Fundamentals of Software Architecture
Salary surveys worldwide regularly place software architect in the top 10 best jobs, yet no real …