Java QA: Is java is secure and how?

thanassis | Java Questions And Answers | Friday, January 19th, 2007

Security has been implemented in Java since day one.
On four levels:

First, On the language level. Java has tokens to define private spaces (private members, packages, namespaces)

Second, On the runtime level with its bytecode verifier. The bytecode verifier checks to ensure that the class bytecode hasn’t been tampered.

Third, With a Sandbox model guarded by a Security Manager. For example, a SecurityManager object disallows file/net access when running as an applet.

Fourth, With security packages that allow application developers to do things like encoding/decoding/trusting certificates etc.

Although no platform is 100% secure, most of the times you hear about java viruses, trojans, malware etc they do not represent holes in the Java language/platform but in specific implementations of a JVM, (i.e. explorer’s JVM)

No Comments

No comments yet.

Leave a comment

RSS feed for comments on this post. TrackBack URI