Design And Implementation Of Java Security Architecture

Nowaday, network applications are widely used in various industries to solve business problems. Network has specific features for resource sharing, so users could retrieve information in real time and process data timely, this is important for users. At this time, lots of software technologies are invented for network application need. Java is widely accepted and used for it is well-designed for network applications.When users are connected to network, systems have potential risk to be attacked. Especially the native applications downloaded from network. Systems must have the ability to protect native environment from malwares, virus by providing a sandbox to separate native environment. At this time, systems must have ability to protect secure information. For example, when a user browse a web page with Java Applet code, Applet might be downloaded and run in Java runtime environment automatically without notifying users, but Applet maybe comes from unauthenticated sites. Another example, user try to get services to find service objects on network from JINI protocol, the service objects are also unauthencated. All those above will threaten system security. More security requirements are submitted to Java runtime environment. If Java security architecture does not provide security mechanism, we might lose information, reveal data, counterfeit data and modify native security configuration, etc.In information industry, security issues are caused more and more serious results. User, enterprise and government are more focus on security. For information security, designer must deeply understand security related issues including potential threaten, key business process, system architecture, etc. System security should rely on well-designed secutiy architecture and apply security methodology in every part of system. Java is more and more popular in enterprise applications. It is more important for security issues. Java security architecture helps to protect these Java applications from attack in various aspects, including Java platform, Java extensive security architecture, etc.This article mainly analyzes the design and implementation of Java security architecture from source code perspective, in order to help to implement security design methodology.This article describes following parts:1. Analyze Java platform architecture deeply from JVM source code perspective, including JVM security, Java language security, Java built-in security model, Java Applet security, protect Java code.2. Analyze Java extensive security architecture from JDK source code perspective, including user, component, service and transportation. We could extend security architecture by using JCA(Java Cryptography Architecture), JCE(Java Cryptography Extension), Java Certificate Path API, JSSE(Java Secure Socket Extension), JAAS(Java Authentication and Authorization Service), JGSS (Java Generic Security Service).3. Implement a complete security framework.