12.5 Security Considerations


The growing opportunity in e-business brings with it a growth in threats over the Internet. The possibility that a message you receive is not from the sender it claims to come from is very real. Senders need to guarantee to recipients that their messages can be authenticated and their integrity verified. Public-key technology, together with signature algorithms, provides this degree of trust as part of the Java platform through the JCA. Additional standards, such as PKCS and S/MIME, help developers work with these security objects and resources at a higher level to deliver successful and secure e-business solutions.
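The following sketch is an added example, not code from the book: it uses the JCA `Signature` class to show how a recipient checks both the origin and the integrity of a message. The class name, the `SHA256withRSA` algorithm choice, the key size, and the sample messages are assumptions made for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;

public class SignedMessageDemo {
    // Assumption: algorithm chosen for this example, not prescribed by the text.
    static final String ALG = "SHA256withRSA";

    // Sender side: sign the message bytes with the private key.
    static byte[] sign(PrivateKey key, byte[] msg) throws GeneralSecurityException {
        Signature s = Signature.getInstance(ALG);
        s.initSign(key);
        s.update(msg);
        return s.sign();
    }

    // Recipient side: true only if sig was made over msg by the matching private key.
    static boolean verify(PublicKey key, byte[] msg, byte[] sig) {
        try {
            Signature s = Signature.getInstance(ALG);
            s.initVerify(key);
            s.update(msg);
            return s.verify(sig);
        } catch (GeneralSecurityException e) {
            // Malformed signature or unusable key: treat as not authenticated.
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair sender = kpg.generateKeyPair();
        KeyPair other = kpg.generateKeyPair(); // a key pair the recipient does not trust

        // Constructed sample messages.
        byte[] msg = "PO-1001: ship 40 units".getBytes(StandardCharsets.UTF_8);
        byte[] tampered = "PO-1001: ship 90 units".getBytes(StandardCharsets.UTF_8);
        byte[] sig = sign(sender.getPrivate(), msg);

        System.out.println("genuine message:  " + verify(sender.getPublic(), msg, sig));
        System.out.println("altered message:  " + verify(sender.getPublic(), tampered, sig));
        System.out.println("wrong public key: " + verify(other.getPublic(), msg, sig));
    }
}
```

Only the first check succeeds. The altered message fails the integrity check, and the unrelated public key fails authentication of the sender.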

The PKCS standards play an important role in some of the basic security infrastructures used by most companies today, such as the SSL and TLS protocols (see Section 13.1 on page 449). It is important to make sure that implementations of these protocols use the most current versions of the PKCS standards. In June 1998, a flaw was found in a PKCS#1 implementation that was used in all the implementations of SSL. The flaw would have allowed sophisticated intruders to recover secret information from an SSL-encrypted session.



Enterprise Java™ Security: Building Secure J2EE™ Applications
ISBN: 0321118898
EAN: 2147483647
Year: 2004
Pages: 164
