The designers of Java intended from the beginning to provide
a language that would excel at network
applications. This meant dealing with the challenges of malevolent
intrusions over the network. From applets to heavy duty enterprise
middleware, the JVM must prevent access to forbidden areas of
the platform and stop abusive code from interfering with the system.
To insure that class files cannot be manipulated
to get around these restrictions, the designers built a security
framework into the language from the ground up. This framework
includes lines of defense against Java code attempting reaching
into areas it should not.
A major line of defense is provided by the language
design and the JVM:
- An array index must stay in bounds
- can't go out of range accidentally or deliberately
- No direct memory pointers -
this prevents access to memory outside the program's heap. This
is true even at the bytecode level in the class files.
- Type-safe casting - can
only cast an object to its own class or one of its superclasses.
In this section we will discuss the following three
additional techniques built into Java to block renegade code:
- Class
Loading - this involves a multi-step process
of finding the class and reading in the bytes, and organizing
the data into the class structure, i.e. methods, fields, etc.
It will prevent the loading of files in which the data has been
corrupted in some way.
- Class Verification
- use several tests to check the class for pathologies in the
bytecode.
- SecurityManager
- Once the class is loaded, the security manager can restrict
its access to various resources and services such as the local
disk, input/output, etc.
Note: We don't discuss in
this course the java.security
package and its sub-packages that add yet another level of security
and deal especially with the issues of secure communications.
These packages provide tools for encrypting/decrypting objects,
public/private keys, code signing, certificates, secure class
loaders, and all that. See Reference 2 for information about Java
cryptography.
References & Web
Resources
- Chapter
14 : HTTP Server - SecurityManager
- JavaTM
2 Platform Security Architecture by Li Gong, version 1.2,
2002,Sun Microsystems.
- JavaTM
Cryptography Architecture API Specification & Reference
Latest update: Oct. 20, 2004
|