Basic HTML version of Foils prepared May 19 99

Foil 52 The Java Security Model

From Remarks on Internet and Java Security Basic Information Track Computational Science Course CPS616 -- Spring Semester 1999. by Geoffrey Fox, Mehmet Sen


Three mechanisms in Java help ensure safety:
Language design features (bound checking on arrays, legal type conversions only, no pointer arithmetic, etc.)
Java "sandbox" mechanism that controls what the code can do (like local file accesses) Common to both Java 1.0 and Java 1.1.
Code signing: Programmers can use standard cryptographic algorithms to embed a "certificate into a Java class. Then, the users can precisely understand who implemented the code and signed. If one alters the code, he would not be able to sign it with the original signature. Users may decide to use or not to use the code depending on the trust of the signer.



© Northeast Parallel Architectures Center, Syracuse University, npac@npac.syr.edu

If you have any comments about this server, send e-mail to webmaster@npac.syr.edu.

Page produced by wwwfoil on Wed May 19 1999