Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from http://www.oracle.com/java/technologies/javase/javase-tech-security.html below:

Java SE Security

Java security technology includes a large set of APIs, tools, and implementations of commonly used security algorithms, mechanisms, and protocols. The Java security APIs span a wide range of areas, including cryptography, public key infrastructure, secure communication, authentication, and access control. Java security technology provides the developer with a comprehensive security framework for writing applications, and also provides the user or administrator with a set of tools to securely manage applications.

Java security's components are structured as follows:

Underlying the Java SE Platform is a dynamic, extensible security architecture, standards-based and interoperable. Security features — cryptography, authentication and authorization, public key infrastructure, and more — are built in.

The following table describes each security feature in more detail and points you to resources with more information.

See Security Developer's Guide for further information on security features.

WARNING: The Security Manager and APIs related to it have been deprecated and are subject to removal in a future release. There is no replacement for the Security Manager. See JEP 411 for discussion and alternatives.

Built-in language security features enforced by the Java compiler and virtual machine:

• Strong data typing
• Automatic memory management
• Bytecode verification
• Secure class loading

Provides a safe and secure platform for developing and running applications. Compile-time data type checking and automatic memory management leads to more robust code and reduces memory corruption and vulnerabilities. Bytecode verification ensures code conforms to the JVM specification and prevents hostile code from corrupting the runtime environment. Class loaders ensure that untrusted code cannot interfere with the running of other Java programs.

• Java Language and Virtual Machine Specifications

• Comprehensive API with support for a wide range of cryptographic services including digital signatures, message digests, ciphers (symmetric, asymmetric, stream & block), message authentication codes, key generators and key factories
• Support for a wide range of standard algorithms including RSA, ECDSA, EdDSA, AES, ChaCha20, SHA-2, SHA-3, and PBKDF2.
• PKCS#11 cryptographic token support

Provides an extensible, full featured API for building secure applications:

• Algorithm and implementation independent
• Provider-based (pluggable) architecture

• Java Cryptography Architecture (JCA) Reference Guide
• PKCS#11 Reference Guide

Authentication and Access Control

• Abstract authentication APIs that can incorporate a wide range of login mechanisms through a pluggable architecture.
• A comprehensive policy and permissions API that allows the developer to create and administer applications requiring fine-grained access to security-sensitive resources.

Enables single sign-on of multiple authentication mechanisms and fine-grained access to resources based on the identity of the user or code signer. Support for timestamped signatures makes it easier to deploy signed code by avoiding the need to re-sign code when the signer's certificate expires.

• Java SE Platform Security Architecture
• Java Authentication and Authorization Service (JAAS)
• Default Policy Implementation and Policy File Syntax

Secure Communications

• JSSE standard API, available in the javax.net and javax.net.ssl packages, which provides secure sockets for client and server-side applications, a non-blocking engine for producing and consuming streams of TLS/DTLS data, and key and trust manager interfaces.
• A JSSE provider named SunJSSE that provides cryptographic services including:
  • SSL 3.0, TLS (versions 1.0, 1.1, 1.2, and 1.3), and DTLS (versions 1.0 and 1.2) security protocols
  • Implementations of TLS and DTLS cipher suites, an X.509-based key manager and an X.509-based trust manager.
• The Java GSS-API, which provides uniform access to security services on a variety of underlying security mechanisms, including Kerberos.
• The Java Simple Authentication and Security Layer (SASL), which specifies a protocol for authentication and optional establishment of a security layer between client and server applications.

Authenticates peers over an untrusted network and protects the integrity and privacy of data transmitted between them.

• Java Secure Socket Extension (JSSE) Reference Guide
• Java Generic Security Services (Java GSS-API)
• Java Simple Authentication and Security Layer (SASL) API Programming and Deployment Guide

Public Key Infrastructure (PKI)

Tools for managing keys and certificates and comprehensive, abstract APIs with support for the following features and algorithms:

• Certificates and Certificate Revocation Lists (CRLs): X.509
• Certification Path Validators and Builders: PKIX, Online Certificate Status Protocol (OCSP)
• KeyStores: PKCS#11, PKCS#12
• Certificate Stores (Repositories): LDAP, java.util.Collection

Eases the development and deployment of complex PKI applications. Support for OCSP provides a more scalable and timely method for applications to check certificate revocation status.

• X.509 Certificates and Certificate Revocation Lists (CRLs)
• Java PKI Programmer's Guide
• Client-Driven Online Certificate Status Protocol (OCSP) and OCSP Stapling

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4