As you are likely aware, every time you download a "normal" program, you are taking a
risk, because the code you are downloading might contain a virus, Trojan horse, or other
harmful code. At the core of the problem is the fact that malicious code can cause its damage
because it has gained unauthorized access to system resources. For example, a virus program
might gather private information, such as credit card numbers, bank account balances, and
passwords, by searching the contents of your computer 's local file system. In order for Java
to enable applets to be downloaded and executed on the client computer safely, it was
necessary to prevent an applet from launching such an attack.
Java achieved this protection by confining an applet to the Java execution environment
and not allowing it access to other parts of the computer. (You will see how this is
accomplished shortly.) The ability to download applets with confidence that no harm will
be done and that no security will be breached is considered by many to be the single most
innovative aspect of Java.
Portability is a major aspect of the Internet because there are many different types of
computers and operating systems connected to it. If a Java program were to be run on
virtually any computer connected to the Internet, there needed to be some way to enable
that program to execute on different systems. For example, in the case of an applet, the
same applet must be able to be downloaded and executed by the wide variety of CPUs,
operating systems, and browsers connected to the Internet. It is not practical to have
different versions of the applet for different computers. The same code must work on all
computers. Therefore, some means of generating portable executable code was needed. As
you will soon see, the same mechanism that helps ensure security also helps create portability.
Java's Magic: The Bytecode
The key that allows Java to solve both the security and the portability problems just described
is that the output of a Java compiler is not executable code. Rather, it is bytecode. Bytecode is
a highly optimized set of instructions designed to be executed by the Java run-time system,
which is called the Java Virtual Machine (JVM). In essence, the original JVM was designed as
an interpreter for bytecode. This may come as a bit of a surprise since many modern languages
are designed to be compiled into executable code because of performance concerns. However,
the fact that a Java program is executed by the JVM helps solve the major problems associated
with web-based programs. Here is why.
Translating a Java program into bytecode makes it much easier to run a program in
a wide variety of environments because only the JVM needs to be implemented for each
platform. Once the run-time package exists for a given system, any Java program can run
on it. Remember, although the details of the JVM will differ from platform to platform, all
understand the same Java bytecode. If a Java program were compiled to native code, then
different versions of the same program would have to exist for each type of CPU connected
to the Internet. This is, of course, not a feasible solution. Thus, the execution of bytecode by
the JVM is the easiest way to create truly portable programs.
The fact that a Java program is executed by the JVM also helps to make it secure.
Because the JVM is in control, it can contain the program and prevent it from generating
Search WWH :