|
|
Optimize with a SATA RAID Storage Solution
Range of capacities as low as $1250 per TB. Ideal if you currently rely on servers/disks/JBODs
Page 4 of 7
Java 2 Platform, Enterprise Edition (J2EE) uses role-based authentication for enforcement of its policies. With that in mind, in J2EE the developer of the business logic limits access to specific functions based on roles.
Although cryptography and computer security are two distinct subjects, computer security relies on cryptography in many ways.
Java.security, in conjunction with several core packages, provides some of Java's cryptographic features. Javax.crypto is the primary package for some of the features that were governed by export control laws. Finally, the javax.net.ssl package can be used to create secure sockets when it's necessary to transmit confidential information.
Next, let's examine some of the concepts relevant to cryptography.
Cryptanalysis, the reverse of cryptography, is the art of decoding or attacking secretly encoded information without access to the keys. Cryptanalysis has found security holes in algorithms using theoretical attacks that have either led to abandonment of the algorithm or a major refinement. It serves the critical purpose of analyzing and validating algorithms with the intent of making them more secure.
There are several algorithms to encrypt information. A simple algorithm might involve rotating a character of a message by 13 positions -- referred to as rot13. Although not secure since the original message can be easily decrypted, rot13 still remains in vogue for insecure yet scrambled messaging.
Based on a nineteenth-century work by Kerckhoff, the security of a cryptosystem should rest entirely in the secrecy of the key and not in the secrecy of the algorithm. Secret keys with well tested and analyzed algorithms produce cryptographically secure systems. Correspondingly, many of the widely prevalent algorithms are available for public scrutiny. Cryptanalysis work on many of those algorithms have led to revisions that have made them stronger.
Note: See the first sidebar for a process to design the next generation of cryptographic standard.
A one-way hash function, H(M), operates on an arbitrary-length message and returns a hash value h of fixed length m.
h = H(M), where h has a length m.;
The security of the algorithm stems from its one-wayness, not the secrets of its inner workings. More formally, H(M) has the following properties:
Hashing is an essential part of digital signatures, discussed below. Ron Rivest of RSA designed MD4 (message digest) and MD5. (RSA is the name of a security company that stands for first letter in each of its inventors last names: Ron Rivest, Adi Shamir, and Leonard Adleman.) MD4 and MD5 produce a 128-bit hash. SHA (secure hashing algorithm), designed by the National Institute of Standards and Technology (NIST) in conjunction with the National Security Agency (NSA), produces a 160-bit hash used in the digital signature algorithm (DSA). SHA-1, simply referred to as SHA in some literature, is a revision to SHA published in 1994. SHA and SHA-1, part of the secure hash standard (SHS), share similarities with the MD4 function family. MD4, MD5, and SHA are some examples of one-way hash functions.