Hack Proofing Your Web Applications

Overview of the Java Security Architecture

Among the computer languages in existence, the Java 2 platform is without a doubt the most secure. It was originally developed with the Web in mind, and a lot of thought about security was put into the design right from the start. This section discusses the basic security model, including the extended sandbox mechanism for restricting Java 2 applets. Any Java operation is treated with extreme suspicion by the Java language if it can possibly do damage to a system. More specifically, Web-capable operations such as connecting to another server are treated with suspicion. The Java language is capable of protecting both the user and the host of an application from harm, which was no small feat for the Java designers.

Other languages and development tools, such as ActiveX, are not as secure because they run in the native language on a PC and after they begin executing, they have access to all resources on your system. Security for ActiveX seems to be implemented as a reaction to security breaches rather than designed into the architecture right from the start.

There are basically five goals for any complete security architecture, most of which Java addresses (as you ll see in the next section):

  • Containment Preventing dangerous operations from occurring on a client system. Some operations are like chemicals in a lab: useful but dangerous. Operations such as writing to the disk, deleting files, and sending information over a network are potentially dangerous and...

UNLIMITED FREE
ACCESS
TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Category: Math Calculation Software
Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.