View Larger Image	Scott Oaks O'Reilly Media, Paperback, 2nd edition, Published May 2001, 599 pages, ISBN 0596001576
	List Price: $44.95 Our Price: $27.95 You Save: $17.00 (38% Off)
	Availability: Out-Of-Stock

People who purchase this book frequently purchase:

• Java Swing, 2nd Edition; Marc Loy, et al, $37.50, 37% Off!
• Java Cookbook, 2nd Edition; Ian F. Darwit, $31.50, 37% Off!
• Java in a Nutshell, 5th Edition; David Flanagan, $28.50, 37% Off!
• Database Programming with JDBC & Java, 2nd Edition; George Reese, $27.50, 39% Off!

• Enterprise Computing : Security
• Programming Languages : Java
• Programming : Object-Oriented

• O'Reilly Media

One of Java's most striking claims is that it provides a secure programming environment. Yet despite endless discussion, few people understand precisely what Java's claims mean and how it backs up those claims. If you're a developer, network administrator or anyone else who must understand or work with Java's security mechanisms, Java Security is the in-depth exploration you need.

Java Security, 2nd Edition, focuses on the basic platform features of Java that provide security--the class loader, the bytecode verifier, and the security manager--and recent additions to Java that enhance this security model: digital signatures, security providers, and the access controller. The book covers the security model of Java 2, version 1.3, which is significantly different from that of Java 1.1. It has extensive coverage of the two new important security APIs: JAAS (Java Authentication and Authorization Service) and JSSE (Java Secure Sockets Extension). Java Security, 2nd Edition, will give you a clear understanding of the architecture of Java's security model and how to use that model in both programming and administration.

The book is intended primarily for programmers who want to write secure Java applications. However, it is also an excellent resource for system and network administrators who are interested in Java security, particularly those who are interested in assessing the risk of using Java and need to understand how the security model works in order to assess whether or not Java meets their security needs.

TABLE OF CONTENTS

1. Java Application Security
     What Is Security?
     Software Used in This Book
     The Java Sandbox
     Security Debugging
     Summary

2. The Default Sandbox
     Elements of the Java Sandbox
     Permissions
     Keystores
     Code Sources
     Policy Files
     The Default Sandbox
     The java.security File
     Comparison with Previous Releases
     Summary

3. Java Language Security
     Java Language Security Constructs
     Enforcement of the Java Language Rules
     Comparisons with Previous Releases
     Summary

4. The Security Manager
     Overview of the Security Manager
     Operating on the Security Manager
     Methods of the Security Manager
     Comparison with Previous Releases
     Summary

5. The Access Controller
     The CodeSource Class
     Permissions
     The Policy Class
     Protection Domains
     The AccessController Class
     Guarded Objects
     Comparison with Previous Releases
     Summary

6. Java Class Loaders
     The Class Loader and Namespaces
     Class Loading Architecture
     Implementing a Class Loader
     Miscellaneous Class Loading Topics
     Comparison with Previous Releases
     Summary

7. Introduction to Cryptography
     The Need for Authentication
     The Role of Authentication
     Cryptographic Engines
     Summary

8. Security Providers
     The Architecture of Security Providers
     The Provider Class
     The Security Class
     The Architecture of Engine Classes
     Comparison with Previous Releases
     Summary

9. Keys and Certificates
     Keys
     Generating Keys
     Key Factories
     Certificates
     Keys, Certificates, and Object Serialization
     Comparison with Previous Releases
     Summary

10. Key Management
     Key Management Terms
     The keytool
     The Key Management API
     A Key Management Example
     Secret Key Management
     Comparison with Previous Releases
     Summary

11. Message Digests
     Using the Message Digest Class
     Secure Message Digests
     Message Digest Streams
     Implementing a MessageDigest Class
     Comparison with Previous Releases
     Summary

12. Digital Signatures
     The Signature Class
     Signed Classes
     Implementing a Signature Class
     Comparison with Previous Releases
     Summary

13. Cipher-Based Encryption
     The Cipher Engine
     Cipher Streams
     Sealed Objects
     Comparison with Previous Releases
     Summary

14. SSL and HTTPS
     An Overview of SSL and JSSE
     SSL Client and Server Sockets
     SSL Sessions
     SSL Contexts and Key Managers
     Miscellaneous SSL Issues
     The HTTPS Protocol Handler
     Debugging JSSE
     Summary

15. Authentication and Authorization
     JAAS Overview
     Simple JAAS programming
     Simple JAAS Administration
     Advanced JAAS Topics
     Summary

A. The java.security File

B. Security Resources

C. Identity-Based Key Management

D. The Secure Java Container

E. Implementing a JCE Security Provider

F. Quick Reference

Index

Forgot your password? FAQs Shipping Options Returns Your Orders Your Account