Java Reference
In-Depth Information
As you are likely aware, every time that you download a “normal” program, you are taking
a risk because the code you are downloading might contain a virus, Trojan horse, or other
harmful code. At the core of the problem is the fact that malicious code can cause its dam-
age because it has gained unauthorized access to system resources. For example, a virus
program might gather private information, such as credit card numbers, bank account bal-
ances, and passwords, by searching the contents of your computer's local file system. In
order for Java to enable applets to be safely downloaded and executed on the client com-
puter, it was necessary to prevent an applet from launching such an attack.
Java achieved this protection by confining an applet to the Java execution environment
and not allowing it access to other parts of the computer. (You will see how this is accom-
plished shortly.) The ability to download applets with confidence that no harm will be done
and that no security will be breached is considered by many to be the single most innovat-
ive aspect of Java.
Portability
Portability is a major aspect of the Internet because there are many different types of com-
puters and operating systems connected to it. If a Java program were to be run on virtually
any computer connected to the Internet, there needed to be some way to enable that pro-
gram to execute on different systems. For example, in the case of an applet, the same applet
must be able to be downloaded and executed by the wide variety of different CPUs, oper-
ating systems, and browsers connected to the Internet. It is not practical to have different
versions of the applet for different computers. The
same
code must work in
all
computers.
Therefore, some means of generating portable executable code was needed. As you will
soon see, the same mechanism that helps ensure security also helps create portability.
Java's Magic: The Bytecode
The key that allows Java to solve both the security and the portability problems just de-
scribed is that the output of a Java compiler is not executable code. Rather, it is bytecode.
Bytecode
is a highly optimized set of instructions designed to be executed by the Java run-
time system, which is called the
Java Virtual Machine (JVM)
. In essence, the original JVM
was designed as an
interpreter for bytecode
. This may come as a bit of a surprise because
many modern languages are designed to be compiled into executable code due to perform-
ance concerns. However, the fact that a Java program is executed by the JVM helps solve
the major problems associated with web-based programs. Here is why.
Translating a Java program into bytecode makes it much easier to run a program in a
wide variety of environments because only the JVM needs to be implemented for each plat-
form. Once the run-time package exists for a given system, any Java program can run on
it. Remember, although the details of the JVM will differ from platform to platform, all
