| OverviewThis essential Java 2 book covers Java's security mechanisms
and teaches you how to work with them. It discusses class
loaders, security managers, access lists, digital
signatures, and authentication and shows how to use these to
create and enforce your own security policy. Editorial Reviews| Amazon.com | | Scott Oakes' Java Security is extraordinary both for its technical depth and its readability. It provides the Java programmer with a complete overview of the Java security architecture and security classes, plus a wealth of detailed information and code examples for specific implementations. The book opens with a clear discussion of what Java security is, how the various Java sandbox models work, and how Java applications and applets execute within the security model. The following chapters look in depth at the elements of the Java security architecture: language rules, class loaders, the security manager, the access controller, and permission objects. All these chapters provide detailed information on implementation, as well as an excellent explanation of the role of each feature within the entire security picture. The second half of the book covers cryptographic features in the Java security package (much enhanced in Java 1.2) and how Java programs work with code that performs authentication and encryption. Here, you'll find detailed chapters on message digests, keys and certificates, key management, digital signatures, and the Java Cryptography Extensions. Anyone who needs to understand Java security, but especially those who will implement security features in Java applications, will want to own this book. |
| | Book Description | | Java's most striking claim is that it provides a secure programming environment. However, despite lots of discussion, few people understand precisely what Java's claims mean and how it backs up those claims. Java Security is an in-depth exploration aimed at developers, network administrators, and anyone who needs to work with or understand Java's security mechanisms. It discusses in detail what security does and doesn't mean, what Java's default security policies are, and how to create and implement your own policies. In doing so, Java Security provides detailed coverage of security managers, class loaders, the access controller, and much of the java.security package. It discusses message digests, certificates, and digital signatures, showing you how to use Java's facilities for signing classes or to implement your own signature facility. It shows you how to write a class loader that recognizes signed classes, verifies the signature, and cooperates with a security manager to grant additional privileges. It also discusses the problem of managing cryptographic keys and shows you how to implement your own key management systems. Java Security is an essential book for everyone using Java in real-world software. If you're deploying software written in Java, you need to know how to grant your classes the privileges they need, without granting privileges to untrusted classes. You need to know how to protect your systems against intrusion and corruption. Java provides the tools; this book shows you how to use them. |
|
Other Readers Also Read | Top Sellers in This Category | Browse Similar Topics | | | Top Level Categories:Sub-Categories: | | | | |
Reader Reviews From Amazon (Ranked by 'Helpfulness') | Average Customer Rating: |  | based on 17 reviews. |
| This book needs a revision., 2006-04-27 | | Reviewer rating: |  |
| | JDK 1.5 has many updates to platform security as well as APIs. I bought this book recently and it does not have updates after jdk 1.4. |
| | Excellent JAVA book covering all security issues, 2005-08-27 | | Reviewer rating: |  |
| | A good introduction and explanation of the Java language security (sandbox, security manager, access controller and class loaders). The same for criptography, it is clearer than Java criptography. It includes great chapters for SSL and JAAS. God job Scott (Oaks). I really recommend this book both for introduction and guide. |
| | Good Structure, 2004-11-26 | | Reviewer rating: |  |
| One thing for sure that this book is well structured, chapters are properly segregated and closely linked to each other. It makes introduction to java security seems easy.
I used to find java security a bit complicated, got pieces of information from articles that I read, but I ended up having more questions.
Some of the APIs shown in the examples are deprecated for JDK 1.4, but you can easily replace them with the new classes. |
| | Good Overview of Java Security, 2002-09-25 | | Reviewer rating: | |
| | The term "security" means many different things. This book deals with the built-in security features of Java, which most programmers access through the Security Manager and Access Controller. Overall, I liked this book and found it a really good introduction to secutiry. However, for the price of this book, I expected a lot more infomation. For example, I would have liked it if the author explored the cryptographic package in depth and gave more real world examples of using ciphers and encryption. ALthough this is not technically what the book is about, most people think of cryptogrophy in terms of security. |
| | Comprehensive, in-depth and accurate, 2002-05-23 | | Reviewer rating: | |
| | Java Security is a definitive guide. It covers all aspects of security in Java 2 in great depth and with technical accuracy. Be warned however, it is not light reading nor an introdutory book. |
|
Some information above was provided using data from Amazon.com. View at Amazon > |
| |
|
|
