by Li Gong, Gary Ellison and Mary Dageforde
The JDC is pleased to present two chapters and a quiz from Inside Java 2 Platform Security, Second Edition: Architecture, API Design and Implementation by Li Gong, Gary Ellison and Mary Dageforde, published by Addison-Wesley.
Security is an integral part of the Java platform; all Java APIs are built on a solid security model. That model has always been stronger than the security of other platforms, never allowing for the proliferation of a large virus such as "Melissa" or "I Love You." Now improved security and robust performance peacefully coexist. This book provides a detailed look into the central workings of the Java security architecture, including coverage of the many J2SE SDK 1.4 enhancements. This book reviews multiple security threats, such as Trojan horses and denial-of-service attacks, and the strategies used to combat them. Readers will find a practical guide to the deployment of Java security, as well as tips on how to customize, extend, and refine the core security architecture. In addition, it touches on the evolution of Java security, from the restrictive days of the JDK 1.0 sandbox to the sophisticated security features available in Java 2.
Chapter 3, " Java 2 Security Architecture", provides an in-depth look at the Java 2 security architecture, which is policy driven and capable of enforcing fine-grained access controls.
Chapter 7, " Customizing the Security Architecture", is an explanation of customization points provided for systems programmers who need to enhance the core security architecture.
Li Gong is managing director of Sun Microsystems' Engineering and Research Institute in Beijing, People's Republic of China. Previously at Sun, he was engineering head of Java Security and Networking, Java Embedded Servers, and JXTA. He obtained B.S. and M.S. degrees from Tsinghua University, Beijing, and a Ph.D. from the University of Cambridge. He is associate editor-in-chief of IEEE Internet Computing.
Gary Ellison is a senior staff engineer at Sun Microsystems, where he designs secure network computing platforms and protocols. From 1999 through 2002, he led the architecture, design, and implementation of the security and networking components of the Java 2 Platform, Standard Edition. He holds a B.Sc. in mathematics and physical science from The Ohio State University.
Mary Dageforde is a freelance consultant who writes software documentation for various computer companies. She has an M.S. in computer science from Stanford University and a software design and development background. Since 1990, she has concentrated on documenting APIs, languages, tools, and systems.
Explore Java Security by trying these links:
Overview of the Java 2 platform security features