Securing Java: Getting Down to Business with Mobile Code / Edition 2

Securing Java: Getting Down to Business with Mobile Code / Edition 2

by Gary McGraw, Edward W. Felten
     
 

ISBN-10: 047131952X

ISBN-13: 9780471319528

Pub. Date: 01/22/1999

Publisher: Wiley

Information Security/Java "This book is mandatory reading for every user and developer of Webware." -Peter G. Neumann, Moderator of the Risks Forum, from his review of the first edition Securing Java Java security is more important now than ever before. As Java matures and moves into the enterprise, security takes a more prominent role. But as Java evolves, its

Overview

Information Security/Java "This book is mandatory reading for every user and developer of Webware." -Peter G. Neumann, Moderator of the Risks Forum, from his review of the first edition Securing Java Java security is more important now than ever before. As Java matures and moves into the enterprise, security takes a more prominent role. But as Java evolves, its security issues and architectures get more complicated. Written by the world's leading experts on mobile code security, this updated and expanded edition of the groundbreaking guide to Java security includes lessons for Web users, developers, system administrators, and business decision-makers alike. This book navigates the uncharted waters of mobile code security and arms the reader with the knowledge required for securing Java. It provides in-depth coverage of:
* The base Java security sandbox, made up of the Verifier, Class Loaders, and the Security Manager
* Code signing, stack inspection, and the new Java 2 security architecture
* The pros and cons of language-based enforcement models and trust models
* All known Java security holes and the attack applets that exploit them
* Techniques commonly used in malicious applets
* Twelve rules for developing more secure Java code, with explicit examples
* Hard questions to ask third-party Java security tools vendors
* Analysis of competing systems for mobile code, including ActiveX and JavaScript
* Card Java security, smart card risks, and their impact on e-commerce security
On the companion Web site www.securingjava.com you'll find:
* The Java Security Hotlist: Over 100 categorized and annotated Java security-related Web links
* An e-mail list to keep subscribers abreast of breaking Java security news
* A complete electronic edition of this book

Product Details

ISBN-13:
9780471319528
Publisher:
Wiley
Publication date:
01/22/1999
Pages:
324
Product dimensions:
7.45(w) x 9.16(h) x 0.81(d)

Table of Contents

Mobile Code and Security: Why Java Security Is Important.

The Base Java Security Model: The Original Applet Sandbox.

Beyond the Sandbox: Signed Code and Java 2.

Malicious Applets: Avoiding a Common Nuisance.

Attack Applets: Exploiting Holes in the Security Model.

Securing Java: Improvements, Solutions, and Snake Oil.

Java Security Guidelines: Developing and Using Java More Securely.

Java Card Security: How Smart Cards and Java Mix.

The Future of Java Security: Challenges Facing Mobile Code.

Appendices.

References.

Index.

Customer Reviews

Average Review:

Write a Review

and post it to your social network

     

Most Helpful Customer Reviews

See all customer reviews >