book

Java Security

by Scott Oaks

May 1998

Intermediate to advanced

469 pages

14h 57m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Anatomy of a Java Application
Outline of the JavaRunner ApplicationBuilt-in Java Application Security
Java Language Security ConstructsObject Serialization and Memory Integrity
Compiler EnforcementThe Bytecode VerifierInside the bytecode verifierDelayed bytecode verificationControlling bytecode verificationRuntime Enforcement
Security and the Class LoaderClass Loaders and Security EnforcementClass Loaders and Namespaces
The Internal Class LoaderThe Applet Class LoaderThe RMI Class LoaderThe Secure Class LoaderThe URL Class LoaderChoosing the Right Class Loader
Implementing the ClassLoader ClassProtected methods in the ClassLoader classImplementing the SecureClassLoader ClassProtected methods of the SecureClassLoader classImplementing Security Policies in the Class Loader
Loading from Multiple SitesA JAR File Class Loader
DelegationLoading ResourcesLoading Libraries
Overview of the Security ManagerSecurity Managers and the Java API
Setting a Security ManagerMethods Relating to File AccessMethods Relating to Network AccessMethods Protecting the Java Virtual MachineMethods Protecting Program ThreadsMethods Protecting System ResourcesMethods Protecting Security Aspects
The CodeSource Class
The Permission ClassPermissions of the Java APIUsing the Permission ClassThe BasicPermission ClassPermission CollectionsThe Permissions Class
The Default Policy
Protected Methods of the Security ManagerThe Class Loader DepthProtected Instance Variables in the Security Manager
The Class Loader and the Security Manager
Utility ClassesImplementing Network AccessNetwork Permissions in the Class LoaderImplementing Thread SecurityImplementing Package AccessEstablishing a Security Policy in 1.2Establishing a 1.1 Security PolicyThe RMI security managerA complete 1.1 security managerImplementing the file access methodsImplementing network, thread, and package accessImplementing miscellaneous methods
The Secure JavaRunner ProgramThe Secure Java Launcher
The Need for AuthenticationAuthor AuthenticationData AuthenticationJava’s Role in Authentication
Message DigestsCryptographic KeysDigital SignaturesEncryption Engines
The Architecture of Security ProvidersComponents of the ArchitectureChoosing a Security Provider
Using the Provider ClassImplementing the Provider Class
The Security Class and the Security Manager
Using the Message Digest ClassSecure Message Digests
The DigestOutputStream ClassThe DigestInputStream Class
KeysThe Key InterfaceDSA keysThe KeyPair Class
Using the KeyPairGenerator ClassGenerating DSA KeysImplementing a Key Pair Generator
Using the KeyFactory classImplementing a Key FactoryKey SpecificationsThe EncodedKeySpec classThe AlgorithmParameterSpec interfaceA Key Factory Example
The Certificate ClassThe CertificateFactory ClassThe X509Certificate ClassAdvanced X509Certificate MethodsRevoked Certificates
Overview of Key ManagementPrincipals
Installing a KeyStore Class
The Signature ClassUsing the Signature ClassThe SignedObject ClassSigning and Certificates
Reading Signed JAR FilesThe Signed JAR File and Security Policies
Export Restrictions
Secret Keys
The KeyGenerator ClassUsing the KeyGenerator classImplementing a KeyGenerator classThe SecretKeyFactory ClassSecret key specificationsThe secret key factory SPI
Using the Cipher ClassCipher AlgorithmsImplementing the Cipher Class
The CipherOutputStream ClassThe CipherInputStream ClassSSL Encryption
The keytoolGlobal Options to keytoolAdding a Certificate EntryAdding a Key EntryModifying Keystore EntriesDeleting Keystore EntriesExamining Keystore DataImporting a 1.1-Based Identity DatabaseMiscellaneous Commands
Creating a Signed JAR FileVerifying a JAR File
Managing Policy CodebasesManaging PermissionsManaging Certificate Entries
The java.security FileThe java.policy File
IdentitiesThe Identity ClassUsing the identity classImplementing an Identity classThe Identity class and the security managerSignersUsing the Signer classImplementing a signerSigners and the security manager
Using the IdentityScope ClassWriting an Identity ScopeIdentityScope and the Security Manager
Implementing an Identity ClassImplementing a Signer ClassA Shared System Identity ScopeCreating Identities
Security BugsJava Security BugsTracking Security Bugs
Package java.security

Content preview from Java Security

Name

Class java.security.AccessController

Synopsis

The access controller is responsible for determining whether or not the current thread can execute a given operation. This decision occurs in the checkPermission() method and is based upon all the protection domains that are on the stack of the calling thread and the set of permissions that have been granted to those protection domains. The access controller is heavily used by the security manager to enforce a specific security policy, and it may be used by arbitrary code to enforce an application-specific security policy as well.

Class Definition

public final class java.security.AccessController
	extends java.lang.Object {

	// Class Methods
	public static native Object doPrivileged(PrivilegedAction);
	public static native Object doPrivileged(PrivilegedAction, 
                               AccessControlContext);
	public static native Object
                               doPrivileged(PrivilegedExceptionAction);
	public static native Object doPrivileged(PrivilegedExceptionAction, 
                               AccessControlContext);
	public static void checkPermission(Permission);
	public static AccessControlContext getContext();
}

Java Security

by Scott Oaks

Name

Synopsis

Class Definition

See Also:

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

You might also like

Java Security Handbook

Java Security, 2nd Edition

Java APIs, Extensions and Libraries: With JavaFX, JDBC, jmod, jlink, Networking, and the Process API

Deploying Zone-Based Firewalls

Publisher Resources