Introduction to Java Security
COMS W4180 - Network Security
Guest Lecture
Date :
Thursday, November 7th, 2002, 4:10pm
Speaker :
Alexander V. Konstantinou
Title:
Introduction to Java Security
Slides:
[
Adobe PDF (478K)
] [
Postscript (336K)
] [
HTML (779K)
]
Handouts:
[
Adobe PDF (461K)
] [
Postscript (320K)
]
Slide Contents
The Java Platform (Review)
The Java Language
Java Libraries
The Java Virtual Machine
Java Security Features
Java security evolution
Applet Sandbox security
What's special about Java security?
Java Security components
Class Loader
Class Loader (2)
Customized Class Loader example
Bytecode Verifier
Bytecode Theorem Prover Checks
Java assembly example
Java assembly example (2)
Classloader & Verifier Threats
Code Source & Protection domains
CodeSource Threats
Permissions
Sample Permissions
Policy
Policy Threats
Security Manager
RMI security manager
Access Controller
Context Access Control Algorithm
Privileged Operations
Thread Context
Access Control Risks
Policy example
Policy example (2)
Writing Secure Java Code
History of Java Security Bugs
Java Cryptography Architecture (JCA)
SSL
SSL (2)
References
References (2)
[
Presentations
]