Java Extensible Security Architecture


The Java platform facilitates an extensible security architectural model via standards-based security API technologies that provide platform independence and allow interoperability among vendor implementations. These API technologies add a variety of security features to the core Java platform by integrating technologies to support cryptography, certificate management, authentication and authorization, secure communication, and other custom security mechanisms.

Figure 4-1 illustrates the Java extensible security architecture and its core API mechanisms.

Figure 4-1. Java extensible security architecture and its core APIs


As part of the J2SE bundle, the Java extensible security architecture provides the following set of API frameworks and their implementations, which contribute to the end-to-end security of Java-based applications.

  • Java Cryptography Architecture (JCA): Provides basic cryptographic services and algorithms, which include support for digital signatures and message digests.

  • Java Cryptographic Extension (JCE): Augments JCA functionality with added cryptographic services that are subject to U.S. export control regulations. It includes support for encryption and decryption operations, secret key generation and agreement, and message authentication code (MAC) algorithms.

  • Java Certification Path API (CertPath): Provides the functionality of checking, verifying, and validating the authenticity of certificate chains.

  • Java Secure Socket Extension (JSSE): Facilitates secure communication by protecting the integrity and confidentiality of data exchanged using SSL/TLS protocols.

  • Java Authentication and Authorization Service (JAAS): Provides the mechanisms to verify the identity of a user or a device to determine its accuracy and trustworthiness and then provide access rights and privileges depending on the requesting identity. It facilitates the adoption of pluggable authentication mechanisms and user-based authorization.

  • Java Generic Secure Services (JGSS): Provides functionality for developing applications that use a unified API to support a variety of authentication mechanisms, such as Kerberos-based authentication, and also facilitates single sign-on.

These Java security APIs are made available as part of J2SE 1.4 and later. They were also made available as optional security API packages for use with earlier versions of J2SE. We will take a closer look at each of these API mechanisms in the next sections.
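The JCA/JCE split from the list above, as an added example (not code from the book): JCA services come from java.security, JCE services from javax.crypto, and each getInstance call is resolved to whichever installed provider implements the requested algorithm. The class name and sample message are constructed, and the algorithm names assume a current JDK (Java 8 or later).

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Arrays;
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;

public class JcaJceTour {  // hypothetical class name
    public static void main(String[] args) throws GeneralSecurityException {
        byte[] msg = "constructed sample message".getBytes(StandardCharsets.UTF_8);

        // JCA (java.security): message digest
        MessageDigest md = MessageDigest.getInstance("SHA-256");
        System.out.println("digest bytes: " + md.digest(msg).length);
        report("MessageDigest", md.getAlgorithm(), md.getProvider());

        // JCA: digital signature, signed and verified with a fresh RSA key pair
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();
        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initSign(kp.getPrivate());
        signer.update(msg);
        byte[] sig = signer.sign();
        Signature verifier = Signature.getInstance("SHA256withRSA");
        verifier.initVerify(kp.getPublic());
        verifier.update(msg);
        System.out.println("signature valid: " + verifier.verify(sig));
        report("Signature", signer.getAlgorithm(), signer.getProvider());

        // JCE (javax.crypto): secret key generation, encryption and decryption
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey aesKey = kg.generateKey();
        byte[] iv = new byte[12];              // fresh random nonce per encryption
        new SecureRandom().nextBytes(iv);
        Cipher enc = Cipher.getInstance("AES/GCM/NoPadding");
        enc.init(Cipher.ENCRYPT_MODE, aesKey, new GCMParameterSpec(128, iv));
        byte[] ct = enc.doFinal(msg);
        Cipher dec = Cipher.getInstance("AES/GCM/NoPadding");
        dec.init(Cipher.DECRYPT_MODE, aesKey, new GCMParameterSpec(128, iv));
        System.out.println("round trip ok: " + Arrays.equals(msg, dec.doFinal(ct)));
        report("Cipher", enc.getAlgorithm(), enc.getProvider());

        // JCE: message authentication code
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(KeyGenerator.getInstance("HmacSHA256").generateKey());
        System.out.println("MAC bytes: " + mac.doFinal(msg).length);
        report("Mac", mac.getAlgorithm(), mac.getProvider());
    }

    // Shows which vendor implementation (provider) served the request.
    static void report(String service, String alg, Provider p) {
        System.out.println(service + " " + alg + " -> provider " + p.getName());
    }
}
```

The provider names printed depend on the JDK and on any additional providers registered in its security configuration.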




Core Security Patterns. Best Practices and Strategies for J2EE, Web Services, and Identity Management
ISBN: 0131463071
EAN: 2147483647
Year: 2005
Pages: 204
