Java Security Model

Can anyone tell me about the Java Security model?

Java follows a sandbox security model where privileges for the code can depend on the source and is extensively customizable. If the code is coming from a trusted source then the sandbox gives it its due privileges; however, if the code is coming from an untrusted source then the code is prevented from doing any harm.

It is really not possible to explain the whole Java Security model in one mail. Java's security involves the participation of all the parts of its architecture: classloader, class file verifier, VM, language (API).

Classloaders place the loaded classes into different protection domains; each protection domain has different sets of permissible operations. Classes loaded by each classloader have a different namespace.

Classes loaded by the bootstrap classloader are completely trusted, and since other classes are loaded by a different classloader other than the bootstrap they have a different namespace and you can't fool a VM by loading your own java.lang.whatever class. There's lots more to it....

The class file verifier does semantic checks, bytecode verification compatibility checks etc. And the JVM does many checks for type-safety, null references, array bounds. Doesn't allow memory access, no memory leaks (if you are even minimally careful). These in fact constitute the Java buzzwords. The Java language offers a variety of features which let you customize security policy for an application. You can specify security policies in a policy file and give it to the VM, which will enforce the security accordingly. A lot of work is done by the Access Controller class of the Java API. Lots Lots Lots more to it.....as I said it's impossible to tell it all.

Vinay.
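
The classloader namespace and bootstrap points from the answer above, shown as an added example that is not part of the original post. `LoaderDemo`, `IsolatingLoader` and `Payload` are hypothetical names, and the code assumes Java 9 or later, compiled with `javac` and run from its class files.

```java
import java.io.InputStream;

public class LoaderDemo {
    // Hypothetical loader: its parent is the bootstrap loader only, so it
    // defines application classes itself instead of delegating to the app loader.
    static class IsolatingLoader extends ClassLoader {
        IsolatingLoader() { super(null); }

        Class<?> define(String name, byte[] bytes) {
            return defineClass(name, bytes, 0, bytes.length);
        }
    }

    // Small class whose bytes are defined again by two other loaders below.
    public static class Payload {}

    static byte[] bytesOf(Class<?> c) throws Exception {
        String resource = c.getName().replace('.', '/') + ".class";
        try (InputStream in = c.getClassLoader().getResourceAsStream(resource)) {
            if (in == null) throw new IllegalStateException("no class file: " + resource);
            return in.readAllBytes();
        }
    }

    public static void main(String[] args) throws Exception {
        // Bootstrap-loaded classes report a null loader; application classes
        // carry a protection domain tied to where their code came from.
        System.out.println("String loader:   " + String.class.getClassLoader());
        System.out.println("Demo loader:     " + LoaderDemo.class.getClassLoader());
        System.out.println("Demo codesource: "
                + LoaderDemo.class.getProtectionDomain().getCodeSource());

        // Same name, same bytes, different loaders: distinct classes,
        // because a class is identified by (name, defining loader).
        String name = Payload.class.getName();
        byte[] bytes = bytesOf(Payload.class);
        Class<?> first = new IsolatingLoader().define(name, bytes);
        Class<?> second = new IsolatingLoader().define(name, bytes);
        System.out.println("first == second:        " + (first == second));
        System.out.println("first == Payload.class: " + (first == Payload.class));

        // A user-defined loader may not define anything in a java.* package;
        // the name is checked before the bytes are even parsed.
        try {
            new IsolatingLoader().define("java.lang.Spoof", bytes);
            System.out.println("java.lang.Spoof was defined");
        } catch (SecurityException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```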


All the site contents are Copyright © www.erpgreat.com and the content authors. All rights reserved.