sHome : Course Map : Chapter 4 : Java : Supplements :
Java Security Overview
Course Map
Chapter 4

  Demo 1
  Demo 2a
  Demo 2b
  Demo 3
  Demo 4
Casting References
Object class
Class Summary

Java Security
Class Loading
Class Verifier
     About JavaTech
     Codes List
     Topic Index
     Course Guide
     What's New

The designers of Java intended from the beginning to provide a language that would excel at network applications. This meant dealing with the challenges of malevolent intrusions over the network. From applets to heavy duty enterprise middleware, the JVM must prevent access to forbidden areas of the platform and stop abusive code from interfering with the system.

To insure that class files cannot be manipulated to get around these restrictions, the designers built a security framework into the language from the ground up. This framework includes lines of defense against Java code attempting reaching into areas it should not.

A major line of defense is provided by the language design and the JVM:

  • An array index must stay in bounds - can't go out of range accidentally or deliberately

  • No direct memory pointers - this prevents access to memory outside the program's heap. This is true even at the bytecode level in the class files.

  • Type-safe casting - can only cast an object to its own class or one of its superclasses.

In this section we will discuss the following three additional techniques built into Java to block renegade code:

  • Class Loading - this involves a multi-step process of finding the class and reading in the bytes, and organizing the data into the class structure, i.e. methods, fields, etc. It will prevent the loading of files in which the data has been corrupted in some way.

  • Class Verification - use several tests to check the class for pathologies in the bytecode.

  • SecurityManager - Once the class is loaded, the security manager can restrict its access to various resources and services such as the local disk, input/output, etc.

Note: We don't discuss in this course the package and its sub-packages that add yet another level of security and deal especially with the issues of secure communications. These packages provide tools for encrypting/decrypting objects, public/private keys, code signing, certificates, secure class loaders, and all that. See Reference 2 for information about Java cryptography.

References & Web Resources

  1. Chapter 14 : HTTP Server - SecurityManager
  2. JavaTM 2 Platform Security Architecture by Li Gong, version 1.2, 2002,Sun Microsystems.
  3. JavaTM Cryptography Architecture API Specification & Reference


Latest update: Oct. 20, 2004

Vectors & Matrices

Runge-Kutta 2nd
  Demo 1
Runge-Kutta 4th
  Demo 2
Shooting Method
  Demo 3

  Part I Part II Part III
Java Core 1  2  3  4  5  6  7  8  9  10  11  12 13 14 15 16 17
18 19 20
22 23 24

1  2  3  4  5  6  7  8  9  10  11  12

Tech 1  2  3  4  5  6  7  8  9  10  11  12
Physics 1  2  3  4  5  6  7  8  9  10  11  12

Java is a trademark of Sun Microsystems, Inc.