Wednesday, December 22, 2010

Inside Java 2 Platform Security
PREFACE
How This Book Is Organized
Acknowledgments
About the Authors
PREFACE TO THE FIRST EDITION
Acknowledgments for the First Edition
CHAPTER 1. COMPUTER AND NETWORK SECURITY FUNDAMENTALS
1.1 Cryptography versus Computer Security
1.2 Threats and Protection
1.3 Perimeter Defense
1.4 Access Control and Security Models
1.5 Using Cryptography
1.6 Authentication
1.7 Mobile Code
1.8 Where Java Technology–Based Security Fits In
CHAPTER 2. BASIC SECURITY FOR THE JAVA PROGRAMMING LANGUAGE
2.1 The Java Programming Language and Platform
2.2 Original Basic Security Architecture
2.3 Bytecode Verification and Type Safety
2.4 Signed Applets
2.5 Further Enhancements
CHAPTER 3. JAVA 2 SECURITY ARCHITECTURE
3.1 Security Architecture Requirements of Java 2
3.2 Overview of the Java 2 Security Architecture
3.3 Architecture Summary
3.4 Lessons Learned
CHAPTER 4. SECURE CLASS LOADING
4.1 Class Files, Types, and Defining Class Loaders
4.2 Well-Known Class Loader Instances
4.3 Class Loader Hierarchies
4.4 Loading Classes
4.5 SecureClassLoader Details
4.6 URLClassLoader Details
4.7 Class Paths
CHAPTER 5. ELEMENTS OF SECURITY POLICY
5.1 Permissions
5.2 Describing Code
5.3 ProtectionDomain
5.4 Security Policy
5.5 Assigning Permissions
5.6 Dynamic Security Policy
CHAPTER 6. ENFORCING SECURITY POLICY
6.1 SecurityManager
6.2 AccessControlContext
6.3 DomainCombiner
6.4 AccessController
CHAPTER 7. CUSTOMIZING THE SECURITY ARCHITECTURE
7.1 Creating New Permission Types
7.2 Customizing Security Policy
7.3 Customizing the Access Control Context
CHAPTER 8. ESTABLISHING TRUST
8.1 Digital Certificates
8.2 Establishing Trust with Certification Paths
8.3 Establishing Trust in Signed Code
8.4 User-Centric Authentication and Authorization Using JAAS
8.5 Distributed End-Entity Authentication
CHAPTER 9. OBJECT SECURITY
9.1 Security Exceptions
9.2 Fields and Methods
9.3 Static Fields
9.4 Private Object State and Object Immutability
9.5 Privileged Code
9.6 Serialization
9.7 Inner Classes
9.8 Native Methods
9.9 Signing Objects
9.10 Sealing Objects
9.11 Guarding Objects
CHAPTER 10. PROGRAMMING CRYPTOGRAPHY
10.1 Cryptographic Concepts
10.2 Design Principles
10.3 Cryptographic Services and Service Providers
10.4 Core Cryptography Classes
10.5 Additional Cryptography Classes
10.6 Code Examples
10.7 Standard Names
10.8 Algorithm Specifications
CHAPTER 11. NETWORK SECURITY
11.1 Java GSS-API
11.2 JSSE
11.3 Remote Method Invocation
CHAPTER 12. DEPLOYING THE SECURITY ARCHITECTURE
12.1 Installing the Latest Java 2 Platform Software
12.2 The Installation Directory
12.3 Setting System and Security Properties
12.4 Securing the Deployment
12.5 Installing Provider Packages
12.6 Policy Configuration
12.7 JAAS Login Configuration Files
12.8 Security Tools
12.9 X.500 Distinguished Names
12.10 Managing Security Policies for Nonexperts
CHAPTER 13. OTHER PLATFORMS AND FUTURE DIRECTIONS
13.1 Introduction to Java Card
13.2 Introduction to Java 2 Micro Edition
13.3 Security Enhancements on the Horizon for J2SE
13.4 Brief Introduction to Jini Network Technology
13.5 Brief Introduction to J2EE
13.6 Client Containers
13.7 Final Remarks
BIBLIOGRAPHY