| View: | [ 2009 | 2008 | 2007 | 2006 | 2005 | 2004 | 2003 ] |
| Articles Tips | White Papers |
- Java authorization internals by Abhijit Belapurkar - [Clicks: 194]
If you're the type who needs to know how a technology works from the inside out in order to use it effectively, you'll jump on this guided tour of the Java platform's authorization architectures. Follow along as Java architect Abhijit Belapurkar leads this detailed, behind-the-scenes introduction to two distinctly different (yet related) models of authorization: the code-centric model of the Java 2 platform security architecture and the user-centric model of the Java Authentication and Authorization Service.
http://www-106.ibm.com/developerworks/java/library/j-javaauth/ - May, 2004 - Banish Security Blunders with an Error-prevention Process by Adam Kolawa - [Clicks: 9]
Traditionally, application security is an afterthought—we build our apps and try to poke holes in them later. Why not take potential security breaches into account from the very beginning? The Automated Error Prevention Methodology provides a framework you can use to integrate security concerns into your app development right from the start.
http://www.devx.com/security/Article/20678 - Apr, 2004 - Using the Java Secure Socket Extension in WebSphere Studio V5 by Colin Yu - [Clicks: 79]
This article shows you how to provide data transfer security in your applications using Java Secure Socket Extension (JSSE) and Java Cryptography Extension (JCE) with WebSphere Studio.
[Includes sample code]
http://www-106.ibm.com/developerworks/websphere/library/techarticles/0403_yu/0403_yu.html - Mar, 2004 - Building Trust for Applets by Kevin Jones - [Clicks: 7]
With only one security model to worry about, the Java 2 standard security model, security for applets is now easier than ever.
http://www.ftponline.com/javapro/2004_02/online/applets_kjones_02_11_04/ - Feb, 2004 - Employ Secure Applets in Browsers by Kevin Jones - [Clicks: 3]
Applets may have fallen out of favor, but now that they run inside Sun's VM, we can use the Java 2 security model to manage the applet.
http://www.ftponline.com/javapro/2004_01/online/applets_kjones_01_26_04/ - Feb, 2004
- Creating Custom Security Permissions by John Zukowski - [Clicks: 9]
The January 30, 2001 Tech Tip Controlling Package Access With Security Permissions explored how to work with a security manager and an application-specific policy file to control a program's permissions. That approach works well if you need to set permissions using a preexisting set of permissions. But what if one of the preexisting permissions doesn't suit your needs, and you need to create a custom security permission? This tip explains how to do that.
http://java.sun.com/developer/JDCTechTips/2004/tt0518.html#2 - May, 2004
- Java 2 Security by Brian Maso - [Clicks: 9]
This paper explores some of the internals of Java 2 security. We'll take an inside-out approach to exploring the important concepts and APIs: First we'll look at the high-level concepts that Java 2 security is based on, and then we'll examine the Java class internals that encode these concepts. The Java classes are a highly optimized implementation of the relatively simple concepts on which Java 2 security is based. The high optimization level means that a bare reading of the source code is confusing and at times misleading, so a good understanding of the concepts and how the Java security classes map to those concepts is essential when pursuing a strong understanding of Java 2 security. This paper wraps up with a discussion of advanced Java security techniques. We'll see how to impose Java security on non-Java interpreted scripts, how to create logical threads of execution taking into account Java 2 security, as well as other techniques.
http://www.theserverside.com/articles/article.tss?l=dm_security - Apr, 2004 - (PDF) - java.security.policy: When "java.policy" Just Is Not Good Enough by Ted Neward - [Clicks: 9]
Java 2's security system is a complex, pluggable architecture that allows for Java programmers to participate in the default process, or to replace the java.policy-based implementation altogether in favor of something else. In fact, Sun favors this latter approach, urging developers to implement a customized Policy implementation more suitable to their business' needs. In this paper, we will examine the details of how a new Policy implementation is built, and provide readers with the knowledge necessary to "roll your own" Java Security Policy implementations. This paper assumes you are familiar, at least in concept, with some of the Java2 Security architecture.
http://www.theserverside.com/articles/article.tss?l=dm_javaPolicy - Apr, 2004 - (PDF)
