|
|
Recommended: Sing it, brah! 5 fabulous songs for developers
JW's Top 5
Featured White Papers
- Measuring Risk to Improve Java Software Quality
- Do You Really Get Classloaders?
- Pragmatic Continuous Delivery with Jenkins, Nexus, and LiveRebel
- Your Next Java Web App: Less XML, No Long Restarts, Fewer Hassles
- Coding with JRebel, Java Forever Changed
- 2012 Developer Productivity Report: Java Tools, Tech, Devs, and Data
Sponsored Links
-
Graph databases are 1000x faster than relational.
Learn More!
-
Career opportunities at Harman- Careers That'll Rock Your Socks Off.
Learn More!
-
Developer-friendly Java PDF libraries by Qoppa Software
Live Demos
-
Stop blaming your app! Diagnose Java performance issues.
Free tool >
-
UrbanCode: Go From Continuous Integration to
Continuous DeliveryLearn More!
Sponsored Links
Optimize with a SATA RAID Storage Solution
Range of capacities as low as $1250 per TB. Ideal if you currently rely on servers/disks/JBODs
Java security evolution and concepts, Part 2
Discover the ins and outs of Java security
Page 4 of 6
Many access-control decisions are based in part on this property.
Permissions
Permission classes are at the very core of Java security and represent access to various system resources such as files, sockets, and so on. A collection of permissions can be construed as a customizable security policy for an installation.
For example, permission may be given to read and write files in the /tmp directory. Permission classes are additive in that they represent approvals, but not denials. It's possible to explicitly
permit the reading of a particular file, but not to explicitly deny the reading of that file.
A number of permission classes are subclasses of the abstract java.security.Permission class, examples of which include FilePermission, AWTPermission, and even customized protections like SendMailPermission. For an exhaustive list of permissions, see Resources for a link to Li Gong's Inside Java 2 Platform Security.
Protection domains
It's possible to associate permissions with classes; however, it's more flexible to group classes into protection domains and associate permissions with those domains. A class's mapping to a domain occurs before the class is usable and is immutable thereafter. For instance, system classes can be effectively grouped under the system domain.
This relationship between the class and the permissions via the protection domain provides for flexible implementation mechanisms.
Policy
The numerous mappings of permissions to classes are collectively referred to as policy. A policy file is used to configure the policy for a particular implementation. It can be composed by a simple text editor
or using policytool, a tool bundled with the Software Development Kit (SDK), which we'll discuss in a future article.
SecurityManager
As seen in Figure 4, the class java.lang.SecurityManager is at the focal point of authorization -- the implementation of the sandbox model in JDK 1.0 is a good example.
Prior to Java 2, SecurityManager was abstract; vendors had to create concrete implementations. In Java 2, SecurityManager is concrete, with a public constructor and appropriate checks in place to ensure that it can be invoked in an authorized
manner. SecurityManager consists of a number of check methods. For example, checkRead (String file) can determine read access to a file. The checkPermission (Permission perm, Object context) method can check to see if the requested access has the given permission based on the policy. This method is relegated to
the access controller in the default implementation. The access controller will raise an exception if the requested permission
cannot be granted. Refer to the "Sidebar 2: Security exceptions" for an overview of security exceptions.
AccessController
The java.security.AccessController class is used for three purposes:
- To decide whether access to a critical system resource should be allowed or denied, based on the security policy currently in effect
- To mark code as privileged, thus affecting subsequent access determinations
- To obtain a snapshot of the current calling context, so access-control decisions from a different context can be made with respect to the saved context
While the SecurityManager can be overridden, the static methods in AccessController are always available. If you wish a particular security check to always be invoked, regardless of which security manager
is in vogue, the AccessController methods should be called.
- Feedback
More from JavaWorld
Resources
- "Java Security Evolution and Concepts," Raghavan N. Srinivas (JavaWorld):
- Part 1Learn computer security concepts and terms in this introductory overview (April 2000)
- Part 2Discover the ins and outs of Java security (July 2000)
- Part 3Tackle Java applet security with confidence (December 2000)
- Part 4Learn how optional packages extend and enhance Java security (May 2001)
- Part 5J2SE 1.4 offers numerous improvements to Java security (December 2001)
- JavaWorld security-related articles and resources
- "AESCryptography advances into the future," Raghavan Srinivas (JavaWorld, April 2000)
http://www.javaworld.com/jw-04-2000/jw-0428-aes.html - "A security roundup," Raghavan Srinivas (JavaOne Today, June 2000) -- highlights of JavaOne sessions and BOFs on topics relating to Java security
http://www.javaworld.com/javaone00/j1-00-security.html - JavaWorld's Java Bookstore security page can point you to numerous security-related books
http://www.javaworld.com/javaworld/books/jw-books-security.html
- java.sun.com security-related resources
- For comprehensive Java security information, read java.sun.com's Java Security API page
http://java.sun.com/security - For the latest documentation on Java security, read the documentation that is part of Java 2 v1.3
http://java.sun.com/j2se/1.3/docs/guide/security/index.html - "Security on the Java Platform," Li Gong (JavaOne, 1999) -- Slides from a technical session covering Java security
http://java.sun.com/javaone/javaone98/sessions/T101/index.htm - More JavaOne 1999 Java security information
http://industry.java.sun.com/javaone/99/tracks/ - "Low Level Security in Java," Frank Yellin (December 1995)
http://java.sun.com/sfaq/verifier.html - For Java security Q&A archives, see
http://archives.java.sun.com/archives/java-security.html - "Frequently Asked Questions -- Java Security" (java.sun.com)
http://java.sun.com/sfaq/ - "TrailSecurity in Java 2 SDK 1.2," Mary Dageforde (java.sun.com)
http://web2.java.sun.com/docs/books/tutorial/security1.2/index.html
- Useful security-related books, documentation, and Websites
- Inside Java 2 Platform SecurityArchitecture, API Design, and Implementation, Li Gong (Addison Wesley, 1999)
http://www1.fatbrain.com/asp/bookinfo/bookinfo.asp?theisbn=0201310007 - The University of Princeton's highly regarded Secure Internet Programming Website dedicates itself to computer security, especially
mobile code such as Java
http://www.cs.princeton.edu/sip - Read about the University of Washington's "Kimera -- A System Architecture for Networked Computers" site
http://kimera.cs.washington.edu - A comprehensive list of security problems with suggested remedial action, known as CERT advisories
http://www.cert.org - Applied CryptographyProtocols, Algorithms, and Source Code in C, 2nd Ed., Bruce Schneier (John Wiley and Sons, 1996) -- a fascinating book on the science and politics of cryptography
http://www1.fatbrain.com/asp/bookinfo/bookinfo.asp?theisbn=0471128457 - Find information and news about the Advanced Encryption Standard (AES) at the "AESCrypto Algorithm for the 21st Century" page
http://csrc.nist.gov/encryption/aes/ - Download RSA Labs's FAQ about today's cryptographyftp://ftp.rsasecurity.com/pub/labsfaq/labsfaq4.pdf
- X.509 standard for certificates
http://www.ietf.org/rfc/rfc2459.txt
About Us | Advertise | Contact Us | Terms of Service/Privacy | AdChoices
Copyright, 2006-2013 Infoworld, Inc. All rights reserved.