The book I got is the 2nd version, so it's still fresh even though the author released it in 2001.
The book consists of 15 chapters, each of which focuses on one Java security topic. In the following days, I will share my study notes with you guys.
First of all, I list the chapters here (actually, you can find them easily around the internet):

Chapter 1, Java Application Security
Chapter 2, The Default Sandbox
Chapter 3, Java Language Security
Chapter 4, The Security Manager
Chapter 5, The Access Controller
Chapter 6, Java Class Loader
Chapter 7, Introduction to Cryptography
Chapter 8, Security Providers
Chapter 9, Keys and Certificates
Chapter 10, Key Management
Chapter 11, Message Digests
Chapter 12, Digital Signatures
Chapter 13, Cipher-Based Encryption
Chapter 14, SSL and HTTPS
Chapter 15, Authentication and Authorization
If you review the chapter titles above carefully and are familiar with the anatomy of a Java application, you will see that the author presents his view along the nodes of the Java topography. Let's recall the whole Java anatomy as the author did:

------------------------------------------------------------
Remote Class Files | Local Class Files
------------------------------------------------------------
Signed Class Files
------------------------------------------------------------
Bytecode Verifier
------------------------------------------------------------
Core API Class Files | Class Loader
------------------------------------------------------------
Security Package | Core Java API
------------------------------------------------------------
main of Security Manager + part of Access Controller
------------------------------------------------------------
part of Security Manager + main of Access Controller
------------------------------------------------------------
Key Database
------------------------------------------------------------
Operating System
------------------------------------------------------------
According to the diagram above, the essential idea of this book is to add security logic at every point of the Java implementation. Additionally, the sandbox is the critical framework we need to follow. In real cases, a compromise between performance and effectiveness can hardly be avoided.
So far we have browsed the overview of this book; I will continue with my notes later.