Java Security (Paperback, 2)

1. Java Application Security
What Is Security?
Software Used in This Book
The Java Sandbox
Security Debugging
Summary

2. The Default Sandbox
Elements of the Java Sandbox
Permissions
Keystores
Code Sources
Policy Files
The Default Sandbox
The java.security File
Comparison with Previous Releases
Summary

3. Java Language Security
Java Language Security Constructs
Enforcement of the Java Language Rules
Comparisons with Previous Releases
Summary

4. The Security Manager
Overview of the Security Manager
Operating on the Security Manager
Methods of the Security Manager
Comparison with Previous Releases
Summary

5. The Access Controller
The CodeSource Class
Permissions
The Policy Class
Protection Domains
The AccessController Class
Guarded Objects
Comparison with Previous Releases
Summary

6. Java Class Loaders
The Class Loader and Namespaces
Class Loading Architecture
Implementing a Class Loader
Miscellaneous Class Loading Topics
Comparison with Previous Releases
Summary

7. Introduction to Cryptography
The Need for Authentication
The Role of Authentication
Cryptographic Engines
Summary

8. Security Providers
The Architecture of Security Providers
The Provider Class
The Security Class
The Architecture of Engine Classes
Comparison with Previous Releases
Summary

9. Keys and Certificates
Keys
Generating Keys
Key Factories
Certificates
Keys, Certificates, and Object Serialization
Comparison with Previous Releases
Summary

10. Key Management
Key Management Terms
The keytool
The Key Management API
A Key Management Example
Secret Key Management
Comparison with Previous Releases
Summary

11. Message Digests
Using the Message Digest Class
Secure Message Digests
Message Digest Streams
Implementing a MessageDigest Class
Comparison with Previous Releases
Summary

12. Digital Signatures
The Signature Class
Signed Classes
Implementing a Signature Class
Comparison with Previous Releases
Summary

13. Cipher-Based Encryption
The Cipher Engine
Cipher Streams
Sealed Objects
Comparison with Previous Releases
Summary

14. SSL and HTTPS
An Overview of SSL and JSSE
SSL Client and Server Sockets
SSL Sessions
SSL Contexts and Key Managers
Miscellaneous SSL Issues
The HTTPS Protocol Handler
Debugging JSSE
Summary

15. Authentication and Authorization
JAAS Overview
Simple JAAS programming
Simple JAAS Administration
Advanced JAAS Topics
Summary

A. The java.security File

B. Security Resources

C. Identity-Based Key Management

D. The Secure Java Container

E. Implementing a JCE Security Provider

F. Quick Reference

Index