People often describe security as one of the key attributes that make
JavaTM technology a superior programming environment. There are
features of the language, virtual machine, and core class libraries
that facilitate the creation of secure applications. While certain
aspects of Java technology-related security are unavoidablefor
instance, you can never do pointer arithmetic, it is not an
all-or-nothing deal. This course explores how your Java programs
are, or can be, secured at every level: from the language level to the
virtual machine level and from the class library level to the application
level.
Each of these aspects are demonstrated, along with specific browser-level
security concerns.
It is important to remember that security is never absolutethere are
always trade-offs between security, ease of use, and performance. Because of
these trade-offs, it is vital that all security elements be part of an open
specification, subject to test and modification based on the experience of
thousands of every day users. Thus, if there are fundamental shortcomings to
the security model, they will quickly be found. Implementation deficiencies
will also be found and corrected. (See
Project Kimera at University
of Washington and the Secure
Internet Programming initiative at Princeton University for two such
Java technology-security validation research efforts.) This openness is one
of Java technology's strengths.
Course Notes
Magercises
Back to Reader Feedback
Copyright © 1998 MageLang Institute.
All Rights Reserved.