|
Security is of huge importance to the computing industry the growth in ecommerce has brought the topic from the shadows of highlevel specialists into the public eye. Nowadays breaches in security for B2C based etailers are big news, and damage not only the reputation of the individual organization, but also confidence in the industry as a whole. Computer security covers a multitude of areas ranging from lowlevel operating system security to higherlevel application security. This book concentrates on the latter, and will show you how to protect your applications with cryptography and the Java security model. Beginning with simple examples and clear descriptions of different cryptography approaches, such as symmetric and asymmetric encryption, the book will build in complexity, through consideration of public key infrastructure and SSL, to provide a comprehensive set of solutions for the enterprise Java developerText for advanced Java programmers looking to develop skills in security, an understanding of techniques for building cryptography applications, and learning how key Java cryptography components can by employed. Considers public key infrastructure and SSL in the discussion. Softcover. Topics covered: Overview of enterprise security issues, defining a security policy, Java security features, support for security in Java code (accessibility, serialization, sealed JAR files, and privileged code), introduction to cryptography and encryption, introduction to symmetric and asymmetric encryption, authentication, the Java Cryptography Architecture (JCA), the Java Cryptography Extension (JCE), symmetric encryption with Java (including passwordbased encryption, ciphers, and sealed objects), asymmetric encryption in Java (including file encryption with RSA), message digests, digital signatures, digital certificates, signing JAR files (permissions and applets), additional security in Java with servlets and EJB, the Java Authentication and Authorization Service (JAAS), using SSL in Java applications, securing JDBC database connections, case study for a secure online banking application, building a custom JCE provider (using the RSA algorithm), additional security techniques (securing email, timestamping, secure logging, using a nonce), and quick reference for using MySQL with JDBC.
|
|
|