O'Reilly logo

The CERT® Oracle® Secure Coding Standard for Java™ by David Svoboda, Dean F. Sutherland, Robert C. Seacord, Dhruv Mohindra, Fred Long

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 18. Miscellaneous (MSC)

Rules

Image

Risk Assessment Summary

Image

MSC00-J. Use SSLSocket rather than Socket for secure data exchange

Programs must use the javax.net.ssl.SSLSocket class rather than the java.net.Socket class when transferring sensitive data over insecure communication channels. The class SSLSocket provides security protocols such as Secure Sockets Layer/Transport Layer Security (SSL/TLS) to ensure that the channel is not vulnerable to eavesdropping and malicious tampering.

The principal protections included in SSLSocket that are not ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required