Security-Conscious Java for Administrators and Developers

A bit of a mixed-bag, informative, with a good look at code signing, security holes and where to find additional resources.


ORIGINAL DRAFT

System administrators, as a group, are sometimes a little paranoid, thrusting seemingly unreasonable, restrictive security requirements on poor developers, who argue that the odds of running into some of these problems are astronomical. Both parties are right, of course, but ignoring security sets a dangerous precedent, readily exploited by unscrupulous hackers looking for an easy score and a reputation to match. This book takes a look at a range of security problems and provides insight into what can be (and typically has been) done, where the holes are and how to deal with Java security in general.

This book can easily be defined by what it is not, as well as by what it is. It is not a book about cryptography or about the Java Security API. It is not about implementing encryption or secure protocols, nor about the politics of encryption technology and export restrictions. What it does cover includes hostile applets, the Java sandbox and security policies, various attack strategies, and how to find additional information about these topics. In short, from an administrative point of view, it's what you need to know if you are deploying Java technology in an enterprise setting. From a developer's point of view, it tells you what administrators need to see before they will deploy your applications, something you will benefit from knowing well ahead of time.

Chapter 1 takes a look at why security is important, and Chapter 2 covers the sandbox model and what it means at different levels. Chapter 3 explores code signing, a topic that is revisited in Appendix C, which covers the many methods available for signing Netscape browser code, using Microsoft Authenticode and CAB files, along with the differences between JDK 1.1 and Java 2. This appendix is a great collection of sometimes hard-to-find knowledge that adds a lot of value to the book. Chapters 4 and 5 look at malicious applets and the kinds of attacks they might carry out. Chapter 6 takes a look at third-party solutions, discussing which problems they can address and which are nothing more than a risky proposition.

Chapter 7 provides some guidelines for developing more secure Java code. I found Chapter 8 especially interesting because it covers some unfamiliar territory, the Java Card security model. The authors point out some interesting security risks you want to be aware of if you plan to work with this technology. Chapter 9 looks at the future of Java security, and the book wraps up with three appendices, the third of which has already been mentioned. Appendix A is a FAQ that compares Java and ActiveX security issues. Appendix B provides a list of books, links, FAQs, papers and other sources of additional information on Java security.

If you are working with Internet or enterprise solutions, you need to be sensitive to security issues, and this book provides a good, pragmatic overview of where you might find security holes in your system. It is applicable both to system administrators who need to understand the risks that come with Java and to developers who need to address those risks in their projects. The more you understand these issues, the more effective your development and deployment efforts are likely to be. In short, if you have security concerns, as many of us should if we don't already, this book is a good investment.