Java Security

Produktbeschreibung

One of Java's most striking claims is that it provides a secure programming environment. Yet despite endless discussion, few people understand precisely what Java's claims mean and how it backs up those claims. If you're a developer, network administrator or anyone else who must understand or work with Java's security mechanisms, Java Security is the in-depth exploration you need.Java Security, 2nd Edition, focuses on the basic platform features of Java that provide security--the class loader, the bytecode verifier, and the security manager--and recent additions to Java that enhance this security model: digital signatures, security providers, and the access controller. The book covers the security model of Java 2, Version 1.3, which is significantly different from that of Java 1.1. It has extensive coverage of the two new important security APIs: JAAS (Java Authentication and Authorization Service) and JSSE (Java Secure Sockets Extension). Java Security, 2nd Edition, will give you a clear understanding of the architecture of Java's security model and how to use that model in both programming and administration.The book is intended primarily for programmers who want to write secure Java applications. However, it is also an excellent resource for system and network administrators who are interested in Java security, particularly those who are interested in assessing the risk of using Java and need to understand how the security model works in order to assess whether or not Java meets their security needs. 

Inhaltsverzeichnis

* Preface

* Chapter 1: Java Application Security

* Chapter 2: The Default Sandbox

* Chapter 3: Java Language Security

* Chapter 4: The Security Manager

* Chapter 5: The Access Controller

* Chapter 6: Java Class Loaders

* Chapter 7: Introduction to Cryptography

* Chapter 8: Security Providers

* Chapter 9: Keys and Certificates

* Chapter 10: Key Management

* Chapter 11: Message Digests

* Chapter 12: Digital Signatures

* Chapter 13: Cipher-Based Encryption

* Chapter 14: SSL and HTTPS

* Chapter 15: Authentication and Authorization

* The java.security File

* Security Resources

* Identity-Based Key Management

* The Secure Java Container

* Implementing a JCE Security Provider

* Quick Reference

* Colophon 

Autoreninfo

Scott Oaks is a Java Technologist at Sun Microsystems, where he has worked since 1987. While at Sun, he has specialized in many disparate technologies, from the SunOS kernel to network programming and RPCs. Since 1995, hes focused primarily on Java and bringing Java technology to end-users. Scott also authored OReillys Java Security, Java Threads and Jini in a Nutshell titles.