+612 9045 4394
Java Security 2e : Java Series - Scott Oaks

Java Security 2e

Java Series

Paperback Published: 11th June 2001
ISBN: 9780596001575
Number Of Pages: 624

Share This Book:


RRP $88.00
Ships in 15 business days

One of Java's most striking claims is that it provides a secure programming environment. Yet despite endless discussion, few people understand precisely what Java's claims mean and how it backs up those claims. If you're a developer, network administrator or anyone else who must understand or work with Java's security mechanisms, Java Security is the in-depth exploration you need.

"Java Security, " 2nd Edition, focuses on the basic platform features of Java that provide security--the class loader, the bytecode verifier, and the security manager--and recent additions to Java that enhance this security model: digital signatures, security providers, and the access controller. The book covers the security model of Java 2, Version 1.3, which is significantly different from that of Java 1.1. It has extensive coverage of the two new important security APIs: JAAS (Java Authentication and Authorization Service) and JSSE (Java Secure Sockets Extension). "Java Security, " 2nd Edition, will give you a clear understanding of the architecture of Java's security model and how to use that model in both programming and administration.

The book is intended primarily for programmers who want to write secure Java applications. However, it is also an excellent resource for system and network administrators who are interested in Java security, particularly those who are interested in assessing the risk of using Java and need to understand how the security model works in order to assess whether or not Java meets their security needs.

'This is a great book about Java Security. If you are a Java programmer who want to write secure applications or a system administrator, you should read this book'. Evgeny Gesin, JavaDesk, Israel.

Prefacep. xi
Java Application Securityp. 1
What Is Security?p. 1
Software Used in This Bookp. 4
The Java Sandboxp. 10
Security Debuggingp. 15
Summaryp. 17
The Default Sandboxp. 18
Elements of the Java Sandboxp. 18
Permissionsp. 20
Keystoresp. 32
Code Sourcesp. 32
Policy Filesp. 33
The Default Sandboxp. 38
The java.security Filep. 41
Comparison with Previous Releasesp. 41
Summaryp. 42
Java Language Securityp. 43
Java Language Security Constructsp. 44
Enforcement of the Java Language Rulesp. 50
Comparisons with Previous Releasesp. 56
Summaryp. 57
The Security Managerp. 58
Overview of the Security Managerp. 59
Operating on the Security Managerp. 64
Methods of the Security Managerp. 65
Comparison with Previous Releasesp. 80
Summaryp. 82
The Access Controllerp. 84
The CodeSource Classp. 85
Permissionsp. 86
The Policy Classp. 98
Protection Domainsp. 101
The AccessController Classp. 102
Guarded Objectsp. 109
Comparison with Previous Releasesp. 110
Summaryp. 111
Java Class Loadersp. 112
The Class Loader and Namespacesp. 112
Class Loading Architecturep. 115
Implementing a Class Loaderp. 117
Miscellaneous Class Loading Topicsp. 127
Comparison with Previous Releasesp. 129
Summaryp. 130
Introduction to Cryptographyp. 131
The Need for Authenticationp. 132
The Role of Authenticationp. 137
Cryptographic Enginesp. 138
Summaryp. 144
Security Providersp. 146
The Architecture of Security Providersp. 146
The Provider Classp. 152
The Security Classp. 158
The Architecture of Engine Classesp. 163
Comparison with Previous Releasesp. 164
Summaryp. 164
Keys and Certificatesp. 166
Keysp. 167
Generating Keysp. 172
Key Factoriesp. 181
Certificatesp. 189
Keys, Certificates, and Object Serializationp. 202
Comparison with Previous Releasesp. 203
Summaryp. 204
Key Managementp. 205
Key Management Termsp. 206
The keytoolp. 209
The Key Management APIp. 221
A Key Management Examplep. 228
Secret Key Managementp. 234
Comparison with Previous Releasesp. 241
Summaryp. 243
Message Digestsp. 244
Using the Message Digest Classp. 244
Secure Message Digestsp. 248
Message Digest Streamsp. 251
Implementing a MessageDigest Classp. 255
Comparison with Previous Releasesp. 260
Summaryp. 260
Digital Signaturesp. 261
The Signature Classp. 261
Signed Classesp. 272
Implementing a Signature Classp. 281
Comparison with Previous Releasesp. 286
Summaryp. 287
Cipher-Based Encryptionp. 288
The Cipher Enginep. 288
Cipher Streamsp. 305
Sealed Objectsp. 309
Comparison with Previous Releasesp. 310
Summaryp. 310
SSL and HTTPSp. 311
An Overview of SSL and JSSEp. 311
SSL Client and Server Socketsp. 321
SSL Sessionsp. 324
SSL Contexts and Key Managersp. 327
Miscellaneous SSL Issuesp. 337
The HTTPS Protocol Handlerp. 341
Debugging JSSEp. 344
Summaryp. 345
Authentication and Authorizationp. 346
JAAS Overviewp. 347
Simple JAAS programmingp. 349
Simple JAAS Administrationp. 352
Advanced JAAS Topicsp. 362
Summaryp. 378
The Java.security Filep. 379
Security Resourcesp. 382
Identity-Based Key Managementp. 392
The Secure Java Containerp. 420
Implementing a JCE Security Providerp. 450
Quick Referencep. 458
Indexp. 567
Table of Contents provided by Syndetics. All Rights Reserved.

ISBN: 9780596001575
ISBN-10: 0596001576
Series: Java Series
Audience: Professional
Format: Paperback
Language: English
Number Of Pages: 624
Published: 11th June 2001
Publisher: John Wiley & Sons Publishers
Country of Publication: US
Dimensions (cm): 23.5 x 18.42  x 2.54
Weight (kg): 0.89
Edition Number: 2
Edition Type: Revised