Summary

This chapter offered a tour of the Java extensible security architecture and its core API technologies that contribute to building an end-to-end security infrastructure for Java-based application solutions. We studied the various Java security API technologies that provide support for the following:

• Using cryptographic services in Java

• Using certificate interfaces and classes for managing digital certificates

• Using Public Key Infrastructure (PKI) interfaces and classes to manage the key repository and certificates

• Using secure socket communication to protect the privacy and integrity of data transmitted over the network

• Using hardware accelerators and smart card based keystores

• Using authentication and authorization mechanisms for enabling single sign-on access to underlying applications

We also looked at the security enhancements available from J2SE 5.0. In particular, we looked at the API mechanisms and programming techniques of the following Java extensible security technologies:

• The Java Extensible Security Architecture

• Java Cryptographic Architecture (JCA)

• Java Cryptographic Extensions (JCE)

• Java Certification API (Java CertPath)

• Java Secure Socket Communication (JSSE)

• Java Authentication and Authorization Services (JAAS)

• Java Generic Secure Services (JGSS)

• Java Simple Authentication and Security Layer (Java SASL)

It is important to know these technologies, because they serve as the foundation for delivering end-to-end security to Java-based applications and Web services.

In the next chapter, we will explore the security techniques and mechanisms available for securing J2EE-based applications and Web services.