1 / 6

Java SE Security

Java SE Security. 1. Platform Security. Provides a safe and secure platform for developing and running applications. Compile-time data type checking and automatic memory management leads to more robust code and reduces memory corruption and vulnerabilities .

cutler
Télécharger la présentation

Java SE Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Java SE Security

  2. 1. Platform Security • Provides a safe and secure platform for developing and running applications. • Compile-timedata type checking and automatic memory management leads to more robust code and reduces memory corruption and vulnerabilities. • Bytecode verification ensures code conforms to the JVM specification and prevents hostile code from corrupting the runtime environment.

  3. 2.Cryptography • Comprehensive API with support for a wide range of cryptographic services including digital signatures. • PKCS#11 cryptographic token support • Provides an extensible, full featured API for building secure applications: • Algorithm and implementation independent. • Java Cryptography Architecture(JCA) (includes the Java Cryptographic Extension (JCE)).

  4. 3. Authentication and Access Control • A comprehensive policy and permissions API that allows the developer to create and administer applications requiring fine-grained access to security-sensitive resources. • Enables single sign-on of multiple authentication mechanisms and fine-grained access to resources based on the identity of the user or code signer. Recent support (in JDK 5) for timestamped signatures makes it easier to deploy signed code by avoiding the need to re-sign code when the signer's certificate expires.

  5. 4. Secure Communications • APIs and implementations for the following standards-based secure communications protocols: Transport Layer Security (TLS) and the Simple Authentication and Security Layer (SASL). Full support for HTTPS over SSL/TLS is also included. • Authenticates peers over an untrusted network and protects the integrity and privacy of data transmitted between them.

  6. 5. Public Key Infrastructure (PKI) • Tools for managing keys and certificates and comprehensive. • Eases the development and deployment of complex PKI applications. Recent support (in JDK 5) for OCSP provides a more scalable and timely method for applications to check certificate revocation status.

More Related