book

Java Security

by Scott Oaks

May 1998

Intermediate to advanced

469 pages

14h 57m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Anatomy of a Java Application
Outline of the JavaRunner ApplicationBuilt-in Java Application Security
Java Language Security ConstructsObject Serialization and Memory Integrity
Compiler EnforcementThe Bytecode VerifierInside the bytecode verifierDelayed bytecode verificationControlling bytecode verificationRuntime Enforcement
Security and the Class LoaderClass Loaders and Security EnforcementClass Loaders and Namespaces
The Internal Class LoaderThe Applet Class LoaderThe RMI Class LoaderThe Secure Class LoaderThe URL Class LoaderChoosing the Right Class Loader
Implementing the ClassLoader ClassProtected methods in the ClassLoader classImplementing the SecureClassLoader ClassProtected methods of the SecureClassLoader classImplementing Security Policies in the Class Loader
Loading from Multiple SitesA JAR File Class Loader
DelegationLoading ResourcesLoading Libraries
Overview of the Security ManagerSecurity Managers and the Java API
Setting a Security ManagerMethods Relating to File AccessMethods Relating to Network AccessMethods Protecting the Java Virtual MachineMethods Protecting Program ThreadsMethods Protecting System ResourcesMethods Protecting Security Aspects
The CodeSource Class
The Permission ClassPermissions of the Java APIUsing the Permission ClassThe BasicPermission ClassPermission CollectionsThe Permissions Class
The Default Policy
Protected Methods of the Security ManagerThe Class Loader DepthProtected Instance Variables in the Security Manager
The Class Loader and the Security Manager
Utility ClassesImplementing Network AccessNetwork Permissions in the Class LoaderImplementing Thread SecurityImplementing Package AccessEstablishing a Security Policy in 1.2Establishing a 1.1 Security PolicyThe RMI security managerA complete 1.1 security managerImplementing the file access methodsImplementing network, thread, and package accessImplementing miscellaneous methods
The Secure JavaRunner ProgramThe Secure Java Launcher
The Need for AuthenticationAuthor AuthenticationData AuthenticationJava’s Role in Authentication
Message DigestsCryptographic KeysDigital SignaturesEncryption Engines
The Architecture of Security ProvidersComponents of the ArchitectureChoosing a Security Provider
Using the Provider ClassImplementing the Provider Class
The Security Class and the Security Manager
Using the Message Digest ClassSecure Message Digests
The DigestOutputStream ClassThe DigestInputStream Class
KeysThe Key InterfaceDSA keysThe KeyPair Class
Using the KeyPairGenerator ClassGenerating DSA KeysImplementing a Key Pair Generator
Using the KeyFactory classImplementing a Key FactoryKey SpecificationsThe EncodedKeySpec classThe AlgorithmParameterSpec interfaceA Key Factory Example
The Certificate ClassThe CertificateFactory ClassThe X509Certificate ClassAdvanced X509Certificate MethodsRevoked Certificates
Overview of Key ManagementPrincipals
Installing a KeyStore Class
The Signature ClassUsing the Signature ClassThe SignedObject ClassSigning and Certificates
Reading Signed JAR FilesThe Signed JAR File and Security Policies
Export Restrictions
Secret Keys
The KeyGenerator ClassUsing the KeyGenerator classImplementing a KeyGenerator classThe SecretKeyFactory ClassSecret key specificationsThe secret key factory SPI
Using the Cipher ClassCipher AlgorithmsImplementing the Cipher Class
The CipherOutputStream ClassThe CipherInputStream ClassSSL Encryption
The keytoolGlobal Options to keytoolAdding a Certificate EntryAdding a Key EntryModifying Keystore EntriesDeleting Keystore EntriesExamining Keystore DataImporting a 1.1-Based Identity DatabaseMiscellaneous Commands
Creating a Signed JAR FileVerifying a JAR File
Managing Policy CodebasesManaging PermissionsManaging Certificate Entries
The java.security FileThe java.policy File
IdentitiesThe Identity ClassUsing the identity classImplementing an Identity classThe Identity class and the security managerSignersUsing the Signer classImplementing a signerSigners and the security manager
Using the IdentityScope ClassWriting an Identity ScopeIdentityScope and the Security Manager
Implementing an Identity ClassImplementing a Signer ClassA Shared System Identity ScopeCreating Identities
Security BugsJava Security BugsTracking Security Bugs
Package java.security

Content preview from Java Security

Summary

In this chapter, we’ve looked at Java’s access control mechanism. The access controller is the most powerful security feature of the Java platform: it protects most of the vital resources on a user’s machine, and it allows users (or system administrators) to customize the security policy of a particular application simply by modifying entries in the java.policy (and/or other similar) files.

The access controller is able to control access to a well-established set of system resources (files, sockets, etc.), but it is extensible as well: you can create your own permission classes that the access controller can use in order to grant or to deny access to any resource that you like.

In the next chapter, we’ll look into more details of implementing a security policy, including the important relationship between the access controller and the security manager. And, because the access controller is only available with Java 1.2, we’ll look at how the security manager can be used to implement a security policy in earlier releases of Java as well.

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Publisher Resources

ISBN: 1565924037Supplemental Content Catalog Page Errata

Java Security

by Scott Oaks

Summary

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

You might also like

Java Security Handbook

Java Security, 2nd Edition

Java APIs, Extensions and Libraries: With JavaFX, JDBC, jmod, jlink, Networking, and the Process API

Deploying Zone-Based Firewalls

Publisher Resources