Inside Java™ 2 Platform Security: Architecture, API Design, and Implementation - Couverture souple

"The book is of enormous consequence and potential value. The Java 2 Platform Security represents an advance of major proportions, and the information in this book is captured nowhere else." --Peter G. Neumann, Principal Scientist, SRI International Computer Science Lab, author of Computer-Related Risks, and Moderator of the Risks Forum

"Profound! There are a large number of security pearls. I enjoyed and was very impressed by both the depth and breadth of the book." --Stephen Northcutt, Director of Research for Intrusion Detection and Response, SANS Institute

Inside the Java 2 Platform Security is the definitive and comprehensive guide to the Java security platform. Written by the Chief Java Security Architect at Sun, it provides a detailed look into the central workings of the Java security architecture and describes security tools and techniques for successful implementation.

This book features detailed descriptions of the many enhancements incorporated within the security architecture that underlies the Java 2 platform. It also provides a practical guide to the deployment of Java security, and shows how to customize, extend, and refine the core security architecture. For those new to the topic, the book includes an overview of computer and network security concepts and an explanation of the basic Java security model.

You will find detailed discussions on such specific topics as:

• The original Java sandbox security model
• The new Java 2 Platform permission hierarchy
• How Java security supports the secure loading of classes
• Java 2 access control mechanisms
• Policy configuration
• Digital certificates
• Security tools, including Key Store and Jar Signer
• Secure Java programming techniques
• Ways to customize the Java security architecture with new permission types
• How to move legacy security code onto the Java 2 Platform

In addition, the book discusses techniques for preserving object security--such as signing, sealing, and guarding objects--and outlines the Java cryptography architecture. Throughout, the book points out common mistakes and contains numerous code examples demonstrating the usage of classes and methods.

With this complete and authoritative guide, you will gain a deeper understanding into how and why the Java security technology functions as it does, and will be better able to utilize its sophisticated security capabilities in the development of your applications.

Series: The Java Series

Security is an integral part of the Java platform; all Java APIs are built on a solid security model. That model has always been stronger than the security of other platforms, never allowing for the proliferation of a large virus such as “Melissa” or “I Love You.” Now improved security and robust performance peacefully coexist.

This book provides a detailed look into the central workings of the Java security architecture, including coverage of the many v1.4 enhancements. This book reviews multiple security threats, such as Trojan horses and denial of service attacks, and the strategies used to combat them. Students will find a practical guide to the deployment of Java security, as well as tips on how to customize, extend, and refine the core security architecture. In addition, it touches on the evolution of Java security, from the restrictive days of the JDK 1.0 sandbox to the sophisticated security features available in Java 2. The book even includes a list of 11 security bugs found in early versions of Java.