The Java platform facilitates an extensible security architectural model via standards-based security API technologies that provide platform independence and allow interoperability among vendor implementations. These API technologies add a variety of security features to the core Java platform by integrating technologies to support cryptography, certificate management, authentication and authorization, secure communication, and other custom security mechanisms. Figure 4-1 illustrates the Java extensible security architecture and its core API mechanisms. Figure 4-1. Java extensible security architecture and its core APIs
As part of the J2SE bundle, the Java extensible security architecture provides the following set of API frameworks and their implementations, which contributes to the end-to-end security of Java-based applications.
These Java security APIs are made available as part of J2SE 1.4 and later. They were also made available as optional security API packages for use with earlier versions of J2SE. We will take a closer look at each of these API mechanisms in the next sections. |