Books & Videos

Table of Contents

  1. Chapter 1 Java Application Security

    1. What Is Security?

    2. The Java Sandbox

    3. Applications, Applets, and Programs

    4. Running a Java Application

    5. Summary

  2. Chapter 2 Java Language Security

    1. Java Language Security Constructs

    2. Enforcement of the Java Language Rules

    3. Summary

  3. Chapter 3 Java Class Loaders

    1. Security and the Class Loader

    2. Anatomy of a Class Loader

    3. Loading Classes

    4. Implementing a Class Loader

    5. Extensions to the Class Loader

    6. Miscellaneous Class Loading Topics

    7. Summary

  4. Chapter 4 The Security Manager Class

    1. Overview of the Security Manager

    2. Trusted and Untrusted Classes

    3. Using the Security Manager

    4. Summary

  5. Chapter 5 The Access Controller

    1. The CodeSource Class

    2. Permissions

    3. The Policy Class

    4. Protection Domains

    5. The AccessController Class

    6. Guarded Objects

    7. Summary

  6. Chapter 6 Implementing Security Policies

    1. Protected Methods of the Security Manager

    2. Security Managers and the Class Loader

    3. Implementation Techniques

    4. Running Secure Applications

    5. Summary

  7. Chapter 7 Introduction to Cryptography

    1. The Need for Authentication

    2. The Role of Authentication

    3. Cryptographic Engines

    4. Summary

  8. Chapter 8 Security Providers

    1. The Architecture of Security Providers

    2. The Provider Class

    3. The Security Class

    4. The Architecture of Engine Classes

    5. Summary

  9. Chapter 9 Message Digests

    1. Using the Message Digest Class

    2. Message Digest Streams

    3. Implementing a MessageDigest Class

    4. Summary

  10. Chapter 10 Keys and Certificates

    1. Keys

    2. The KeyPairGenerator Class

    3. The KeyFactory Class

    4. Certificates

    5. Keys, Certificates, and Object Serialization

    6. Summary

  11. Chapter 11 Key Management

    1. Overview of Key Management

    2. The KeyStore Class

    3. A Key Management Example

    4. Summary

  12. Chapter 12 Digital Signatures

    1. The Signature Class

    2. Signed Classes

    3. Implementing a Signature Class

    4. Summary

  13. Chapter 13 Encryption

    1. Export Restrictions

    2. The Sun Security Provider in the JCE

    3. Key Types in the JCE

    4. Secret Key Engines

    5. Encrypting Data

    6. Cipher Streams

    7. Symmetric Key Agreement

    8. Sealed Objects

    9. Summary

  1. Appendix Security Tools

    1. The keytool

    2. The jarsigner Tool

    3. The policytool

    4. Files to Administer by Hand

  2. Appendix Identity-Based Key Management

    1. Identities

    2. Identity Scopes

    3. Key Management in an Identity Scope

    4. Summary

  3. Appendix Security Resources

    1. Security Bugs

    2. Third-Party Security Providers

    3. Security References

  4. Appendix Quick Reference

    1. Package java.security

    2. Package java.security.cert

    3. Package java.security.interfaces

    4. Package java.security.spec

    5. Package javax.crypto

    6. Package javax.crypto.interfaces

    7. Package javax.crypto.spec

    8. Miscellaneous Packages

  5. Colophon