Table of Contents
Remarks on Internet and Java Security Spring 99
Abstract of CPS616 Java and Internet Security Presentation
Some Reference Material
Some General Issues I
Some General Issues II
Need for Security in Commerce - I
Need for Security in Commerce - II
Structure of Internet and Security-I
Structure of Internet and Security-II
Structure of Internet and Security-III
A PKZIP Anecdote
Downloading Software is Dangerous?
The Moldavia Pornographic Phone Scam
An Early Netscape DNS Bug
Tempest and Control Zones
Military Security Levels
Firewalls and Gateways - I
Firewalls and Gateways II
Encrypted Tunnels
The Great Clipper Controversy
Export Restrictions on Cryptography
Denial of Service versus “Attacks”
Combining Denial of Service with more Malicious Attack
Comments on Denial of Service
Some Attacking Concepts
Naïve way Viruses Spread themselves
Introduction to Cryptography
Breaking an Encryption Scheme
Types of Cryptographic Function
Security Uses of Cryptography
Secret Key Cryptography
Uses of Secret Key Cryptography
Secret Key Authentication
Message Integrity with Secret Key Cryptography
Public Key Cryptography
Insecure Link Transmission with Public Key Cryptography
Authentication with public key Cryptography
Digital Signatures and Public Key Cryptography
Use of Digital Signatures with public key Cryptography
Hash and Message Digests
Some Math Behind Secret Key Cryptography
Some Math behind RSA Algorithm -I
Some Math behind RSA Algorithm -II
Certificate Authorities
Review of Certificate Process
Sample Certificate from Netscape
VeriSign Digital ID’s or Certificates - I
VeriSign Digital ID’s or Certificates - II
VeriSign’s Description of Digital ID’s
VeriSign’s Description of Certificate Revocation I
VeriSign’s Description of Certificate Revocation II
The Java Security Model
Sandbox mechanism
What can applets do - I?
What can applets do - II?
What can applets do - III?
The Byte Code Verifier
Byte Code Verification
Why is type checking important!
Applet Class Loader
Going beyond the Sandbox: History of Java Security Models
Going beyond the Sandbox-2
Going beyond the Sandbox-3
JDK 1.2 Security Model
JAVA Fine-grained Access Control-1
JAVA Fine-grained Access Control-2
JAVA Fine-grained Access Control-3
JAVA Fine-grained Access Control-4
JAVA Fine-grained Access Control-5
JAVA Fine-grained Access Control-6
JAVA Fine-grained Access Control-7
Java Security-Related Tools
How to sign Java Code
Signing Classes with the Netscape Object Signing Tool
Netscape Object Signing Tool -2
Netscape Object Signing Tool -3
Signing Java Applets with Microsoft's Authenticode
Microsoft's Authenticode 2
Signing Code with Sun's JDK 1.1.x
Signing Code with Sun's JDK 1.1.x-2
Signing Code with Sun's JDK 1.1.x-3
Browsing Signed Applets
The Java Authentication Framework
The Java Authentication Framework-2
Signing Code with Sun's Java 2
Signing Code with Sun's Java 2-II
Signing Code with Sun's Java 2-III
Signing Code with Sun's Java 2-IV
Some Comparisons of Sign Tools
Some Comparisons of Sign Tools - 2