Java Reference
In-Depth Information
Platform
Socket
Communications
Logging
Security
Cryptography
PKI Infrastructure
Secure
Coding Practices
Authentication & Authorization
Figure 7.2
the important constituents of the new Java security model.
Diferent APIs and libraries, services, and models constitute this overall architecture of Java
Security. hey are the Java Cryptography Architecture (JCA), Java Secure Socket Extensions
(JSSE), Java Authentication and Authorization Services (JAAS), and Java Logging APIs. he JCA
deals with encryption/decryption of the data. he JSSE classes and interfaces deal with securing
network connections; the interfaces and classes of JAAS deal with authentication, authorization,
and access control; and the Logging APIs deal with the logging aspects of the new Java Platform.
However, the Secure Coding Practices component of the overall security aspect of Java is more to
do with the guidelines, best practices, and coding culture.
◾
he Java Cryptography Architecture (JCA) deines classes and interfaces for encryption,
decryption, key management, and other aspects relating to cryptography.
he Java Secure Socket Extension (JSSE) classes and interfaces are used to create secure con-
◾
nections between a Web application (server) and a client.
he Java Logging APIs enable logging aspects of secure applications.
◾
◾
classes and interfaces that have been created for handling the authentication and authoriza-
tion aspects of the Web application.
he Java Authentication and Authorization Services (JAAS), the topic of this chapter, are the
7.4.2 Java Authentication and Authorization Services
he main objective of JAAS is to manage permissions and perform security checks for those
permissions. JAAS is just a simple mix of classes and interfaces speciic to authentication and
authorization, as well as classes and interfaces from other sections of the Java security framework.
However, JAAS does not handle other aspects of the Java security, such as encryption/decryption,
digital signatures, logging, or secure network connections.
Search WWH ::
Custom Search