Enterprise Java Security: Building Secure J2EE Applications

The Java programming language has been one of the fastest-growing technologies in use on the Internet. The Java advantage is the promise that an application...

An obvious handicap with the security architecture of some common mobile-code platforms is the lack of fine-grained access control. Code is in general either completely...

In the Java language, an authorization, or permission, is the right to access a protected resource. The java.security package provides the abstract class Permission to...

The basic Java 2 security model establishes that a Java system administrator can grant Permissions to a given program, based on the location from which...

Listings and show that Permissions in the basic Java security model are granted based on the entities that signed the code and the URL location,...

When a class is loaded into the JVM by the appropriate Java 2 ClassLoader, the CodeSource of that class is mapped to the Permissions granted...

In the Java platform, all protected resources, such as the file system, networking facility, printing system, AWT, and keyboard, are accessible only via the system...

The Java 2 access-control model is very strict. By granting a thread of execution only to the intersection of the sets of Permissions implied by...

A potential problem that could arise with the basic access-control model as described in Section on page is that when a Java program creates a...

The Java 2 access-control model is certainly very powerful. It offers a strong security mechanism embedded into the runtime. It is clear, however, that all...

The Java 2 access-control model is centered on the concept of CodeSource. Permissions are granted based on the URL location from which the code is...