Operating Systems
Java Language
Java Micro Edition
Java Enterprise
Advanced Java
Java GUI
Java Networking
Java Tools
Programming Languages
Microsoft Technologies
Computer Science
Software Engineering
Web Programming
Web Technologies

Contact Us | What's New | Missing Link | Feedback

Advanced Java

Book Title : Securing Java: Getting Down to Business with Mobile Code
eBook download format(s) : HTM
ISBN-10 : 047131952X 
ISBN-13 : 978-0-471319-52-8 
Author(s) : Gary McGraw Edward W. Felten 
Publisher : Wiley (25 Jan 1999)
Section : Advanced Java
Book Review:
The Java environment is relatively secure, as far as network programming languages go. Java has strong security, but not perfect security. Securing Java explains the known security problems with the language and points out steps that programmers can take to prevent bad guys from taking advantage of their Java-based systems.

Authors Gary McGraw and Edward W. Felten begin with the sandbox--the original Java security model. They then explain why the sandbox, while secure, was too restrictive and was combined with a code-signing model in Java 2.

After explaining how security ought to work, Securing Java reveals a menagerie of applets that have circumvented Java security to achieve a variety of noisome and damaging ends. The authors reveal enough information about these applets to show where the dangers are, and they offer security tips for programmers and network administrators.

McGraw and Felten include a brief but well-informed chapter about the security issues raised by the Java Card environment and smart cards generally. A couple of question-and-answer sections toward the end of Securing Java also deserve special recognition. One, on Java security as a whole, provides succinct and accurate answers to questions about how secure Java is and what you can do to minimize your Java security risk. The other Q&A section compares--fairly and with plenty of information--the security features of Java and ActiveX. --David Wall

Book Description
Information Security/Java "This book is mandatory reading for every user and developer of Webware." -Peter G. Neumann, Moderator of the Risks Forum, from his review of the first edition Securing Java Java security is more important now than ever before. As Java matures and moves into the enterprise, security takes a more prominent role. But as Java evolves, its security issues and architectures get more complicated. Written by the world's leading experts on mobile code security, this updated and expanded edition of the groundbreaking guide to Java security includes lessons for Web users, developers, system administrators, and business decision-makers alike. This book navigates the uncharted waters of mobile code security and arms the reader with the knowledge required for securing Java. It provides in-depth coverage of:

  • The base Java security sandbox, made up of the Verifier, Class Loaders, and the Security Manager
  • Code signing, stack inspection, and the new Java 2 security architecture
  • The pros and cons of language-based enforcement models and trust models
  • All known Java security holes and the attack applets that exploit them
  • Techniques commonly used in malicious applets
  • Twelve rules for developing more secure Java code, with explicit examples
  • Hard questions to ask third-party Java security tools vendors
  • Analysis of competing systems for mobile code, including ActiveX and JavaScript
  • Card Java security, smart card risks, and their impact on e-commerce security

add to                 Digg!

You may use anyone of the download options

eBook VersionBuy this book from Amazon
Front Cover

Missing Link?, Report It and you may wish to  Buy  this book from amazon

Tell a Friend!

Similar Book titles in Advanced Java section:

Similar Book titles in Other sections:

Section: CS -> Compilers and Languages
Theory of Codes

Section: DB -> DB / 2
Administration Getting Started
DB2 APPC, CPI-C, and SNA Sense Codes
DB2 UDB e-business Guide
DB2 Cookbooks Download
Getting Started on Integrating Your Information
Show all..

Section: DB -> Others
Getting Started with JDBC API
Getting Started with OLE DB

Section: Computer Hardware
The Hand-Me-Down PC: Upgrading and Repairing Personal Computers

Section: Logic Design and Architecture
Fast low-power decoders for RAMs

Section: Peripherals
Programming guide and sample code for RTL8139 family

Section: Internet
The XML Files : Using XML for Business-to-Business and Business-to-Consumer Applications
Succeeding At Your Yahoo Business
The Hacker Crackdown: Law and Disorder on the Electronic Frontier
The Information Security Dictionary: Defining the Terms that Define Security for E-Business, Internet, Information and Wireless Technology
Making a Living from Your eBay Business
Show all..

Section: Java Enterprise Edition
J2EE Technology in Practice: Building Business Applications with the Java2 Platform

Section: Java Language
Code Conventions for the Java Programming Language
Brewing Java: A Tutorial

Section: Java Networking
Getting Started with JDBC API

Section: Java Tools
e-business Application Solutions Using Java: Volume I

Section: Miscellaneous
Free Book on Getting Rich
Best Kept Secrets of Peer Code Review
The Unicode Standard, Version 3.0
Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2nd Edition
Optimization of Business Processes: An Introduction to Applied Stochastic Modeling
Show all..

Section: Microsoft C Sharp (C#)
Getting started with C#

Section: Microsoft .(dot) net
.NET Mobile Web Developers Guide
Building Dot Net Applications For Mobile Devices
CodeNotes for .NET
CodeNotes for J#

Section: Networking
Programming Principles in Java: Architectures and Interfaces
GPRS: Gateway to Third Generation Mobile Networks

Section: GNU/Linux OS
Linux Installation and Getting Started
Securing and Optimizing Linux: Red Hat Edition's Getting Started, the Second Edition

Section: Mac OS X
Step into Xcode: Mac OS X Development

Section: Embedded and RTOS
Tornado Getting Started Guide (UNIX Version)

Section: C Language
Writing Bug-Free C Code for Windows: A Programming Style That Automatically Detects Bugs in C Code

Section: C++ Language
Download C++ Programming Book
Debugging C and C++ Code in a Unix Environment

Section: Redbooks Draft
WebSphere Application Server V6 for OS/400: Getting Started
Supporting On Demand Business Applications with IBM's Problem Determination Tools (APA, DT, DT - Advanced Facilities, FA, FM, File Export, WS)
Leveraging DB2 Data Warehouse Edition for Business Intelligence
z/OS: WebSphere Business Process Management V6.1.2 Production Topologies
Informix Dynamic Server V10 . . . . Extended Functionality for Modern Business
Show all..

Section: Redbooks
Microsoft BizTalk to WebSphere Business Intergration Server Express Migration
Dimensional Modeling: In a Business Intelligence Environment
WebSphere Process Integration V6: Business Process Management Modeling through Monitoring
IBM System z9 Business Class Technical Introduction
WebSphere Application Server V6 for OS/400: A Guide to Getting Started
Show all..

Section: Redpapers
Remodeling a Standard Store into the Extended Sites Model With WebSphere Commerce Business Edition V5.6.1
IBM Workplace for Business Strategy Execution
WebSphere Portal Express - Customizing Portal Express for Small to Medium Business
Securing Communications with OpenSSH on IBM i5/OS
WebSphere Business Integration V6 Performance Tuning
Show all..

Section: Redpapers Draft
Workplace for Business Strategy Execution
Securing Communications with OpenSSH on i5/OS
Using a Single Business Pattern with the Rational Unified Process (RUP)
Getting Started with PowerVM Lx86
i5/OS Program Conversion: Getting ready for i5/OS V6R1
Show all..

Section: Software Engineering
Getting Real: The smarter, faster, easier way to build a successful web application book
Innovation Happens Elsewhere - Open Source as Business Strategy

Section: Telecommunication
GPRS for Mobile Internet
Mobile Telecommunications Protocols for Data Networks

Similar Books from Amazon :

Tell a Friend!

©2008 - Home - Privacy Policy - Program Policy, Terms and Conditions