You are here: CodeIdol > Java > Java 2 Network Security > page: 28 29 30 31 32 33 34 35 36 37 38


The security-related core classes in Java 2 can be further subdivided as:
· Access control and permissions-related core classes
· Cryptography-related core classes
Of these, only the cryptography-related core classes form a part of the JCA.
In addition to these, all classes in JCE 1.2 form part of the JCA.

Some cryptographic functions are seen as being dangerous in the wrong
hands. No government wants to provide organized crime, or terrorist groups,
with a cheap, effective way of communicating that the police cannot decrypt.
Exactly how to prevent this is not so clear, so there are many different export
and import rules for cryptographic products. The cryptographic interfaces are
divided into two parts, JCA and JCE, which reflect the divide between
exportable and unexportable cryptography. We discuss this in more detail in
Chapter 13, "Cryptography in Java 2" on page 475.

1.3.5 Staying One Jump Ahead
To get ahead, the owners of a client or a Web site need to develop an overall
security policy of which Java is a part, and implement it with care. They need
to use the latest information on what is known about Java security. This is
bound to change; realistically, Java is so young that it cannot be otherwise.

So how do they find the very latest information? Two key sources are the
CERT Coordination Center, which is on the Web at http://www.cert.org/ and
Sun Microsystems's list of frequently asked questions about applet security at
http://java.javasoft.com/sfaq. This gets you ahead. Staying ahead means that
the security policy should include regular checks of these sites, and regular
reviews of which are the right sites to check.[4]

Another part of staying ahead involves balancing security with stability. If an
implementation error is discovered in the browser you use, and you see on
the Web sites a description of the problem together with news of a new beta
version of the browser to fix the problem, do you change to the new beta at
once? Systems managers are traditionally very cautious about beta code:
they want to see a lot of testing before they put it live on their production
systems. This caution is one of the most important causes of the very high
availability levels of modern systems, so systems managers are not about to
change.

Traditionally, a change to include new function is forced to wait until it passes
thorough testing, while a security change may be allowed through with less

[4] See also the list of the Java security Web sites in Appendix D, "Sources of Information about Java Security" on page
© CodeIdol Labs, 2007 - 2009