The Virtual Bookcase Reviews of 'Java Security (Java Series (O'Reilly & Associates).)':
Reviewer amazon.com wrote: Scott Oaks' Java Security is extraordinary both for its technical depth and its readability. It provides the Java programmer with a complete overview of the Java security architecture and security classes, plus a wealth of detailed information and code examples for specific implementations. The book opens with a clear discussion of what Java security is, how the various Java sandbox models work, and how Java applications and applets execute within the security model. The following chapters look in depth at the elements of the Java security architecture: language rules, class loaders, the security manager, the access controller, and permission objects. All these chapters provide detailed information on implementation, as well as an excellent explanation of the role of each feature within the entire security picture. The second half of the book covers cryptographic features in the Java security package (much enhanced in Java 1.2) and how Java programs work with code that performs authentication and encryption. Here, you'll find detailed chapters on message digests, keys and certificates, key management, digital signatures, and the Java Cryptography Extensions. Anyone who needs to understand Java security, but especially those who will implement security features in Java applications, will want to own this book.
Reviewer Rob Slade wrote:
As the author notes, security means many different things to many
different people. In the general public, Java security tends to mean
browser and applet security, and the default applet "sandbox."
Therefore I feel obliged to point out that this book is primarily
concerned with the programming of security into systems, and the
security APIs (Applications Programming Interfaces) built into the
language to ease that task.
Chapter one looks at the overall security model for Java, and
particularly at the invocations of programs. Basic enforcement and
verification is covered in chapter two. Class loaders, in chapter
three, provide the programmer with a means to specify an almost
arbitrary level of security protection for a program. Chapter four
details the workings of the security manager, again providing the
programmer with the ability to set specific protections. The access
controller, new to Java 1.2, is the mechanism that the security
manager now uses to actually permit or deny use of resources; the
object calls are discussed in chapter five. Implementation of access
and security policies through the class loader and security manager is
covered in chapter six.
Chapter seven looks at the need for authentication over open networks,
and the security provisions of digital signatures. The discussion of
cryptography itself is essentially non-existent since, as Oaks notes,
it is not necessary to understand it in order to use it. Those who
wish to test or implement strong encryption will need to go elsewhere.
Implementation of standard cryptographic protection is via security
providers, reviewed in chapter eight. Some simple message digest
implementations are described in chapter nine. Key management is an
important part of cryptography so chapter ten deals with keys and
certificates while chapter eleven reviews the handling of them.
Chapter twelve looks at the functions provided for dealing with
digital signatures. Specifics for encryption are listed in chapter
thirteen.
Appendices deal with security tools, identity based key management,
resources, and a quick reference chart.
While the book is well written, it is not light, and is probably best
suited to those who are well familiar not only with Java programming,
but also the internals of the language. On the other hand, dealing
with security is a great way to learn the internals of a language.
copyright Robert M. Slade, 1998