Book description
Java's most striking claim is that it provides a secure programming environment. However, despite lots of discussion, few people understand precisely what Java's claims mean and how it backs up those claims. Java Security is an in-depth exploration aimed at developers, network administrators, and anyone who needs to work with or understand Java's security mechanisms. It discusses in detail what security does and doesn't mean, what Java's default security policies are, and how to create and implement your own policies. In doing so, Java Security provides detailed coverage of security managers, class loaders, the access controller, and much of the java.security package. It discusses message digests, certificates, and digital signatures, showing you how to use Java's facilities for signing classes or to implement your own signature facility. It shows you how to write a class loader that recognizes signed classes, verifies the signature, and cooperates with a security manager to grant additional privileges. It also discusses the problem of managing cryptographic keys and shows you how to implement your own key management systems. Java Security is an essential book for everyone using Java in real-world software. If you're deploying software written in Java, you need to know how to grant your classes the privileges they need, without granting privileges to untrusted classes. You need to know how to protect your systems against intrusion and corruption. Java provides the tools; this book shows you how to use them.
Publisher resources
Table of contents
-
Java Security
- Preface
- 1. Java Application Security
- 2. Java Language Security
- 3. Java Class Loaders
- 4. The Security Manager Class
- 5. The Access Controller
-
6. Implementing Security Policies
- Protected Methods of the Security Manager
- Security Managers and the Class Loader
- Implementation Techniques
- Running Secure Applications
- Summary
- 7. Introduction to Cryptography
- 8. Security Providers
- 9. Message Digests
- 10. Keys and Certificates
- 11. Key Management
- 12. Digital Signatures
- 13. Encryption
- A. Security Tools
- B. Identity-Based Key Management
- C. Security Resources
-
D. Quick Reference
-
Package java.security
- Class java.security.AccessControlContext
- Class java.security.AccessController
- Class java.security.AlgorithmParameterGenerator
- Class java.security.AlgorithmParameterGeneratorSpi
- Class java.security.AlgorithmParameters
- Class java.security.AlgorithmParametersSpi
- Class java.security.AllPermission
- Class java.security.BasicPermission
- Class java.security.CodeSource
- Class java.security.DigestInputStream
- Class java.security.DigestOutputStream
- Interface java.security.Guard
- Class java.security.GuardedObject
- Class java.security.Identity
- Class java.security.IdentityScope
- Interface java.security.Key
- Class java.security.KeyFactory
- Class java.security.KeyFactorySpi
- Class java.security.KeyPair
- Class KeyPairGenerator
- Class KeyPairGeneratorSpi
- Class java.security.KeyStore
- Class java.security.MessageDigest
- Class java.security.MessageDigestSpi
- Class java.security.Permission
- Class java.security.PermissionCollection
- Class java.security.Permissions
- Class java.security.Policy
- Interface java.security.Principal
- Interface java.security.PrivateKey
- Class java.security.ProtectionDomain
- Class java.security.Provider
- Interface java.security.PublicKey
- Class java.security.SecureClassLoader
- Class java.security.SecureRandom
- Class java.security.Security
- Class java.security.SecurityPermission
- Class java.security.Signature
- Class java.security.SignatureSpi
- Class java.security.SignedObject
- Class java.security.Signer
- Class java.security.UnresolvedPermission
- Package java.security.cert
-
Package java.security.interfaces
- Interface java.security.interfaces.DSAKey
- Interface java.security.interfaces.DSAKeyPairGenerator
- Interface java.security.interfaces.DSAParams
- Interface java.security.interfaces.DSAPrivateKey
- Interface java.security.interfaces.DSAPublicKey
- Interface java.security.interfaces.RSAPrivateKey
- Interface java.security.interfaces.RSAPublicKey
-
Package java.security.spec
- Interface java.security.spec.AlgorithmParameterSpec
- Class java.security.spec.DSAParameterSpec
- Class java.security.spec.DSAPrivateKeySpec
- Class java.security.spec.DSAPublicKeySpec
- Class java.security.spec.EncodedKeySpec
- Interface java.security.spec.KeySpec
- Class java.security.spec.PKCS8EncodedKeySpec
- Class java.security.spec.RSAPrivateKeySpec
- Class java.security.spec.RSAPublicKeySpec
- Class java.security.spec.X509EncodedKeySpec
-
Package javax.crypto
- Class javax.crypto.Cipher
- Class javax.crypto.CipherInputStream
- Class javax.crypto.CipherOutputStream
- Class javax.crypto.CipherSpi
- Class javax.crypto.KeyAgreement
- Class javax.crypto.KeyAgreementSpi
- Class javax.crypto.KeyGenerator
- Class javax.crypto.KeyGeneratorSpi
- Class javax.crypto.NullCipher
- Class javax.crypto.SealedObject
- Interface javax.crypto.SecretKey
- Class javax.crypto.SecretKeyFactory
- Class javax.crypto.SecretKeyFactorySpi
- Package javax.crypto.interfaces
-
Package javax.crypto.spec
- Class javax.crypto.spec.DESKeySpec
- Class javax.crypto.spec.DESedeKeySpec
- Class javax.crypto.spec.DHGenParameterSpec
- Class javax.crypto.spec.DHParameterSpec
- Class javax.crypto.spec.DHPrivateKeySpec
- Class javax.crypto.spec.DHPublicKeySpec
- Class javax.crypto.spec.IvParameterSpec
- Class javax.crypto.spec.PBEKeySpec
- Class javax.crypto.spec.PBEParameterSpec
-
Miscellaneous Packages
- Class java.awt.AWTPermission
- Class java.io.FilePermission
- Class java.io.SerializablePermission
- Class java.lang.ClassLoader
- Class java.lang.RuntimePermission
- Class java.lang.SecurityManager
- Class java.lang.reflect.ReflectPermission
- Class java.net.NetPermission
- Class java.net.SocketPermission
- Class java.net.URLClassLoader
- Class java.rmi.RMISecurityManager
- Class java.rmi.server.RMIClassLoader
- Class java.util.PropertyPermission
-
Package java.security
- Index
- Colophon
Product information
- Title: Java Security
- Author(s):
- Release date: May 1998
- Publisher(s): O'Reilly Media, Inc.
- ISBN: 9781565924031
You might also like
book
Java Security Handbook
This book is a comprehensive guide to Java security issues. It assumes you are an experienced …
book
Java Security, 2nd Edition
One of Java's most striking claims is that it provides a secure programming environment. Yet despite …
book
Java Cryptography
Cryptography, the science of secret writing, is the biggest, baddest security tool in the application programmer's …
video
Spring Security
8+ Hours of Video Instruction Overview In Spring Security LiveLessons, learn from Spring experts Rob Winch, …