Developer's Guide to Web Application Security

Applications that run only on a single PC have far less exposure than networked ones. For example, a word processor has little reason to worry about the document you are typing being intercepted while it resides only on your local disk (local threats such as malware and file permissions still exist, but the operating system handles those). Once an application starts to interact with a network or the Internet, the need for security rises sharply. Data in transit can easily be intercepted. Attackers can pretend to be someone they are not. They can take your carefully constructed code, decompile it (Java bytecode decompiles particularly easily), modify it, and use it to connect to your server and do things you never imagined; the practical consequence is that nothing a client sends can be trusted, and every request must be validated on the server. For these reasons, it is important to implement the proper security measures to protect your application or applet.
This section addresses how to accomplish that with Java code. One of the main worries about data carried over the Internet is that someone can intercept a message, change its contents, and resend it to its destination. Java's cryptography APIs (the java.security package, with javax.crypto supplied by the Java Cryptography Extension) let the integrity of a message be checked with a message digest. Be aware of the limit of a bare digest, though: it detects accidental corruption, but an attacker who can alter the message can just as easily recompute the digest for the altered version, so the digest itself must be protected, either with a keyed message authentication code (javax.crypto.Mac) or with the digital signature discussed next.
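The following program, added here as an illustration rather than code from the original guide, shows both halves of that point with the standard Java APIs: a SHA-256 digest from java.security.MessageDigest detects a changed message, but an attacker who recomputes the digest for the tampered message passes the same check; an HMAC-SHA256 tag from javax.crypto.Mac cannot be recomputed without the shared key. The messages and the randomly generated key are constructed for the example.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class IntegrityDemo {

    // Hex encoding for printing; not security relevant.
    static String hex(byte[] bytes) {
        StringBuilder sb = new StringBuilder();
        for (byte b : bytes) sb.append(String.format("%02x", b));
        return sb.toString();
    }

    // Unkeyed digest: anyone, including an attacker, can compute this.
    static byte[] sha256(byte[] data) throws GeneralSecurityException {
        return MessageDigest.getInstance("SHA-256").digest(data);
    }

    // Keyed MAC: only holders of the key can produce a valid tag.
    static byte[] hmacSha256(byte[] key, byte[] data) throws GeneralSecurityException {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        return mac.doFinal(data);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        // Constructed sample messages: what the sender wrote, and what an
        // attacker substitutes while the message is in transit.
        byte[] original = "transfer 100 to alice".getBytes(StandardCharsets.UTF_8);
        byte[] tampered = "transfer 900 to mallory".getBytes(StandardCharsets.UTF_8);

        // 1. Digest sent alongside the message. MessageDigest.isEqual is a
        //    constant-time comparison; never compare tags with Arrays.equals.
        byte[] sentDigest = sha256(original);
        System.out.println("digest of original: " + hex(sentDigest));
        System.out.println("digest check, message intact:   "
                + MessageDigest.isEqual(sentDigest, sha256(original)));
        System.out.println("digest check, message tampered: "
                + MessageDigest.isEqual(sentDigest, sha256(tampered)));

        // The attacker simply replaces the digest too, and the receiver
        // (who only knows the algorithm, not any secret) cannot tell.
        byte[] attackerDigest = sha256(tampered);
        System.out.println("digest check after attacker recomputes it: "
                + MessageDigest.isEqual(attackerDigest, sha256(tampered)));

        // 2. HMAC with a key shared by sender and receiver. In a real system
        //    the key comes from a key store or key exchange; here it is
        //    generated at random for the example.
        byte[] key = new byte[32];
        new SecureRandom().nextBytes(key);
        byte[] tag = hmacSha256(key, original);

        System.out.println("HMAC check, message intact:   "
                + MessageDigest.isEqual(tag, hmacSha256(key, original)));
        System.out.println("HMAC check, message tampered: "
                + MessageDigest.isEqual(tag, hmacSha256(key, tampered)));

        // The attacker does not have the key, so the best they can do is a
        // tag under a key of their own guess, which the receiver rejects.
        byte[] attackerKey = new byte[32];
        new SecureRandom().nextBytes(attackerKey);
        byte[] forgedTag = hmacSha256(attackerKey, tampered);
        System.out.println("HMAC check on attacker's forged tag: "
                + MessageDigest.isEqual(forgedTag, hmacSha256(key, tampered)));
    }
}
```

Run it with `javac IntegrityDemo.java && java IntegrityDemo`. The digest check fails only while the attacker leaves the old digest in place; once the attacker recomputes it, the check passes again, whereas the HMAC check fails for every tampered message because the receiver's key never matches the one the attacker used.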
Taking the concept a step further, with the Internet you cannot always be 100-percent sure that a message in fact came from the party you think sent it. After all, it is quite easy to create an e-mail address under someone else's name (George W. Bush, for example) and send a message off to the Chief of Staff. To be sure the sender is valid, a digital signature can be...
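As an added example of the signing step the paragraph above introduces (this is illustrative code, not part of the original guide), the program below uses java.security.Signature with SHA256withRSA. The sender signs with a private key; the receiver verifies with the matching public key, and verification fails both when the message has been altered and when someone who does not hold the sender's private key (the "impostor" key pair generated here for the example) signs in the sender's name. The key pairs and message text are constructed for the example; how the receiver learns that a given public key really belongs to the sender (certificates, a key server, out-of-band exchange) is a separate problem the code does not address.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;

public class SignatureDemo {

    // Sender side: hash the message and sign the hash with the private key.
    static byte[] sign(PrivateKey privateKey, byte[] message) throws GeneralSecurityException {
        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initSign(privateKey);
        signer.update(message);
        return signer.sign();
    }

    // Receiver side: recompute the hash and check it against the signature
    // using the sender's public key. Returns false on any mismatch.
    static boolean verify(PublicKey publicKey, byte[] message, byte[] signature)
            throws GeneralSecurityException {
        Signature verifier = Signature.getInstance("SHA256withRSA");
        verifier.initVerify(publicKey);
        verifier.update(message);
        return verifier.verify(signature);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        // Constructed for the example: one key pair for the genuine sender and
        // one for an impostor who wants to send mail in the sender's name.
        KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
        generator.initialize(3072);
        KeyPair sender = generator.generateKeyPair();
        KeyPair impostor = generator.generateKeyPair();

        byte[] message = "Please approve the budget request."
                .getBytes(StandardCharsets.UTF_8);
        byte[] altered = "Please approve the budget request immediately."
                .getBytes(StandardCharsets.UTF_8);

        // The real sender signs the real message.
        byte[] genuineSignature = sign(sender.getPrivate(), message);

        // The receiver, holding only the sender's public key, checks three cases.
        System.out.println("genuine message, genuine signature: "
                + verify(sender.getPublic(), message, genuineSignature));
        System.out.println("altered message, genuine signature: "
                + verify(sender.getPublic(), altered, genuineSignature));

        // The impostor can forge the From: line but not the private key, so a
        // signature made with the impostor's key does not verify under the
        // sender's public key.
        byte[] forgedSignature = sign(impostor.getPrivate(), message);
        System.out.println("genuine message, impostor's signature: "
                + verify(sender.getPublic(), message, forgedSignature));
    }
}
```

Run it with `javac SignatureDemo.java && java SignatureDemo`. Only the first case verifies; the altered message and the impostor's signature are both rejected, which is exactly the assurance a forged e-mail address cannot defeat. Signature.verify returns false for a well-formed but wrong signature and throws SignatureException for a malformed one, so production code should treat both outcomes as a failed check.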