WWW:Beyond the Basics

14 Java Security

14.4 Java Security Features

Many computer and network systems try to maintain security by hiding the inner workings and policies of the system. This practice is called security through obscurity. It is assumed that if the system is presented as a black box, then no one will expend the effort needed to discover its hidden vulnerabilities. The existence of a number of well-publicized attacks in the past demonstrates that this assumption is wrong; the box is never black enough. For widely used systems, too many people know the internal workings of the system for the details to remain secret, and the rewards for breaking into the system are too great.

Sun chose the exact opposite approach and published all the details of the Java security model when it was released. This includes the design specifications, the sandbox model and the full source implementation. This approach is called security through openness. It is intended to encourage security researchers to examine the model and report security flaws before attacks exploiting them become endemic. This also allows an organization to study the Java security model in detail and make an informal assessment of the potential risks versus the benefits of the Java platform.


Copyright © 1996 Virginia Polytechnic Institute & State University
All Rights Reserved

Vijay Sureshkumar <vijay@csgrad.cs.vt.edu>
Last modified: Sun Oct 20 21:52:09 1996