security : Java Glossary
home S words local find no local find frame, full screen Google search web for topic jump to footer translate with Babelfish by Roedy Green ©1996-2008 Canadian Mind Products
Go to : punctuation 0-9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z (all)
security
Java has features to prevent Applets downloaded off the web from doing any deliberate damage. It also has features to prevent ordinary applications from inadvertently doing damage. One other aspect of security are digital signatures so that you can ensure an Applet came unmodified from a reputable source.

There are many digital signing and encryption protocols. Here is a summary based on a table on page 218 of Web Security & Commerce.

book_cover recommend book⇒Web Security & Commerce
 paperback
ISBN10:1-56592-269-7
ISBN13:978-1-56592-269-3
publisher:O’Reilly recommended
published:1997-06-01
by:Simson Garfinkle and Gene Spafford
Canadian flag amazon.ca. amazon.com. American flag
Canadian flag chapters.indigo.ca . powells.com American flag
French flag amazon.fr. barnesandnoble.com American flag
German flag amazon.de. download O’Reilly Safari American flag
UK flag amazon.co.uk.   
System What is it? Algorithms Provides
DNSSEC Secure Domain Name System RSA, MD5 Authentication, integrity
IPsec and IPv6 Low-level protocol for encrypting IP packets Diffie-Hellman and others Confidentiality (optional), authentication, integrity
JCE Java Cryptographic Extension API from Sun RSA (signature and encryption), RC2, RC5, SHA-0, SHA-1, MD5, DES, ECB, CBC, IDEA, Blowfish, Twofish. Allows Java to encrypt and sign files
Kerberos Network security service for securing higher-level applications DES Email passwords, Telnet logins, Confidentiality, authentication
PCT Protocol for encrypting TCP, IP transmissions. RSA, MDS, RCZ, RC4, and others Confidentiality, authentication, integrity, nonrepudiation
PGP Application program for encrypting electronic mail IDEA, RSA, MD5 Email signing and encryption, File encryption, Confidentiality, authentication, integrity, nonrepudiation
S-HTTP Protocol for encrypting HTTP requests and responses RSA, DES, and others Confidentiality, authentication, integrity, nonrepudiation; however, it’s obsolete
S/MIME Format for encrypting electronic mail User-specified E-mail signing and encryption, Confidentiality, authentication, integrity, nonrepudiation
SET and CyberCash Protocols for sending secure payment instructions over the Internet RSA, MDS, RC2 Confidentiality of credit card numbers, but nothing else; integrity of entire message; authentication of buyer and seller; nonrepudiation of transactions
SSH Encrypted remote terminal RSA, Diffie-Hellman, DES, Triple-DES, Blowfish, and others Telnet encryption and login, Confidentiality, authentication
SSL v3 Protocol for encrypting TCP/IP transmissions RSA, RCZ, RC4, MD5, and others Website commerce, compression, Confidentiality, authentication, integrity, nonrepudiation
TLS 1 Protocol for encrypting TCP/IP transmissions a 128-bit improvement on SSL v3. Handles all the SSL v3 protocols including RSA, RCZ, RC4 and MD5. Opera browser, Website commerce, compression, Confidentiality, authentication, integrity, nonrepudiation
Asymmetric Key Uses private and public keys for encryption and signing RSA, DSA and DiffieHellman Code signing, encryption, authentication. DSA is the Digital Signature Alorithm, not used for encryption.
Symmetric Key Uses only secret keys for encryption. DES, Blowfish, TripleDES encryption, authentication. Same key used for encryption must be used for decryption.
You can browser for security at scan-it or at Symantec Find out for example if your browser is secretly blabbing your email address to every website it visits.

Your Java security is only as good as the OS security backing it up. These two websites will probe your OS for security holes and report them back to you. www.DSLREPORTS.com (pay) and spinrite.com (free). When I ran the SpinRite report my hair stood on end about all the information NT was blabbing to the universe without my permission.

Windows NT/2000 has over 1000 known security holes. There are ways of plugging some of them. Stat is a tool for managing this giant piece of Swiss cheese.

Learning More

Sun’s Developer On-line Training on Security
Applets
authentication
authorisation
Blowfish
BouncyCastle
capabilities
certificate
cryptography
digital signing
firewall
JNI
MD5
PGP
sandbox
SET
SHA-1
signed Applets
SSH
SSL
X.509 v3
CMP_homejump to top
CMP logo		 feedback Please email your feedback for publication, errors, omissions, broken/redirected link reports
and suggestions to improve this page to Roedy Green : feedback email
made with CSS
HTML Checked!
ICRA ratings logo
mindprod.com IP:[65.110.21.43]
Your face IP:[38.103.63.18] The information on this page is for non-military use only.
You are visitor number 11,831. Military use includes use by defence contractors.
You can get a fresh copy of this page from: or possibly from your local J: drive (Java virtual drive/Mindprod website mirror)
http://mindprod.com/jgloss/security.html J:\mindprod\jgloss\security.html