The Java Security Model
Three mechanisms in Java help ensure safety:
Language design features (bound checking on arrays, legal type conversions only, no pointer arithmetic, etc.)
Java “sandbox” mechanism that controls what the code can do (like local file accesses) Common to both Java 1.0 and Java 1.1.
Code signing: Programmers can use standard cryptographic algorithms to embed a “certificate into a Java class. Then, the users can precisely understand who implemented the code and signed. If one alters the code, he would not be able to sign it with the original signature. Users may decide to use or not to use the code depending on the trust of the signer.