Start of Tutorial > Start of Trail > Start of Lesson

Search Feedback Form

Security Enhancements

This release introduces three new major security enhancements:

• Policy-based, easily-configurable, fine-grained access control.
  When code is loaded, it is assigned "permissions" based on the security policy currently in effect. Each permission specifies a permitted access to a particular resource (such as "read" and "write" access to a specified file or directory, "connect" access to a given host and port, etc.). The policy, specifying which permissions are available for code from various signers/locations, can be initialized from an external configurable policy file. Unless a permission is explicitly granted to code, it cannot access the resource that is guarded by that permission. These new concepts of permission and policy enable the JDK to offer fine-grain, highly configurable, flexible, and extensible access control. Such access control can now not only be specified for applets, but also for all Java code, including applications, Beans, and servlets.

• Certificates
  JDK 1.1 includes certificate interfaces for parsing and managing certificates and X.509 v3 implementation of the certificate interfaces.

• Three new tools
  keytool is used to create public/private keys; to display, import, and export certificates; and to generate X.509 v1 self-signed certificates.
  jarsigner signs JAR (Java Archive Format) files, and verifies the signature(s) of signed JAR files.
  policytool creates and modifies the external policy configuration files that define your installation's Java security policy.

Start of Tutorial > Start of Trail > Start of Lesson

Search Feedback Form

Copyright 1995-2005 Sun Microsystems, Inc. All rights reserved.