Java Security Notes (1)

王朝java/jsp·作者佚名  2006-01-09
窄屏简体版  字體: |||超大  

The book I get is 2nd version, so it's still fresh even author released it in 2001.

The book consists of 15 chapters each of which focuses on one of JAVA security topics. In the following days, I will share my study notes with you guys.

First of all, I list the chapter list here (actually, you could find them around internet easily):

Chapter 1, Java Application Security

Chapter 2, The Default Sandbox

Chapter 3, Java Language Security

Chapter 4, The Security Manager

Chapter 5, The Access Controller

Chapter 6, Java Class Loader

Chapter 7, Introduction to Cryptography

Chapter 8, Security Providors

Chapter 9, Keys and Certificates

Chapter 10, Key Management

Chapter 11, Message Digests

Chapter 12, Digital Signatures

Chapter 13, Cipher-Based Encryption

Chapter 14, SSL and HTTPS

Chapter 15, Authentication and Authorization

If you review above titiles of chapters carefully and are familiar with JAVA Application anatomy, author presents his view along with JAVA topography nodes. Let's recall the whole JAVA anatomy as author did:

--------------------------------------------------------------------------------------------

Remote Class Files Local Class Files

---------------------------------------------------------------------------------------------

Signed Class Files

---------------------------------------------------------------------------------------------

Bytecode Verifier

----------------------------------------------------------------------------------------------

Core API Class Files Class Loader

-----------------------------------------------------------------------------------------------

Security Package Core Java API

-----------------------------------------------------------------------------------------------

main of Security Manager + part of Access Controller

-----------------------------------------------------------------------------------------------

part of Security Manager + main of Access Controller

------------------------------------------------------------------------------------------------

Key Database

------------------------------------------------------------------------------------------------

Operating System

-------------------------------------------------------------------------------------------------

According to the above diagram, to add security logics up in every site of Java implementation is the essential thought of this book. Additionally, sandbox is the critical framework we need to follow. In real cases, the compromise between performance and effectiveness is hardly averted.

So far we browse the overview of this book, I will go on my notes later.

 
 
 
免责声明:本文为网络用户发布,其观点仅代表作者个人观点,与本站无关,本站仅提供信息存储服务。文中陈述内容未经本站证实,其真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
 
 
© 2005- 王朝網路 版權所有 導航