We said that the constant pool contains a great deal of information. In fact it contains an interesting mixture of items. The constant pool combines the function of a symbol table for linking purposes as well as a repository for constant values and string literals present in the source code. It may be considered as … Read more
The class file contains a lot more information than its cousin, the executable file. Of course, it still contains the same type of information: program requirements, an identifier indicating that this is a program and executable code (bytecode, in this case). However, it also contains some very rich information about the original source code. The … Read more
Moving back to the world of Java, we see that it is a high-level programming language and that bytecode is the low-level machine language of the JVM. Java is an object-oriented language; that is, it deals primarily with objects and their interrelationships. Objects are best thought of in this context as a collection of data … Read more
Understanding how the various components of the Java Virtual Machine (JVM) cooperate to provide a secure execution environment will enable you to understand how to administer your own security policy using the new features of Java 2 and to know when you should consider implementing your own extensions to provide a more tailored security policy. … Read more
In this article we show you how to apply the security features of Java 2 to applets and applications running on your system. Applying a Security Manager to Applets and Applications The security manager is invoked by all the Java system code to perform access control checks based on the security policy currently in effect. … Read more
The class loading mechanism plays a critical role in Java security since the class loader is responsible for locating and fetching the class files, consulting the security policy, and defining the appropriate permissions associated with the class object. In JDK 1.1, local code and correctly signed remote code were generally trusted to have full access … Read more
A protection domain can be scoped by a set of objects that are currently directly accessible by a principal, where a principal is an entity in the computer system to which permissions are granted. A principal can access objects in the protection domain by virtue of the permissions it enjoys over the objects in the … Read more
The Java programming language is one of the fastest-growing technologies in use on the Internet today. The principal reason why Java has scored over other languages is the promise that an application written once in Java can be run from any machine that has a JVM. From the early stages of Java development, it was … Read more
JCA is described as a provider architecture. The primary principal in the design of the JCA has been to separate the cryptographic concepts from their algorithmic implementations. It is designed to allow different vendors to provide their own implementation of the cryptographic tools and other administrative functions. This makes a very flexible framework which willcater … Read more
In the previous post We have discussed two parts of the world of Java, the development environment and the execution environment. The third part is where the world of Java meets the rest of the world, that is, the capabilities it provides for extending Java functions and integrating with applications of other types. The simplest … Read more