JavaTM 2 Platform Security Introduced:Security Guides
Security enhancements for Java TM 2 SDK, Standard Edition, v 1.3
- Policy-based, easily-configurable, fine-grained access control. When code is loaded, it is assigned "permissions" based on the security policy currently in effect. Each permission specifies a permitted access to a particular resource (such as "read" and "write" access to a specified file or directory, "connect" access to a given host and port, etc.). The policy, specifying which permissions are available for code from various signers/locations, can be initialized from an external configurable policy file. Unless a permission is explicitly granted to code, it cannot access the resource that is guarded by that permission.
These new concepts of permission and policy enable the Java 2 Platform to offer fine-grain, highly configurable, flexible, and extensible access control. Such access control can now not only be specified for applets, but also for all Java code, including applications, beans, and servlets.
- Certificate interfaces for parsing and managing certificates, and X.509 v3 implementation of the certificate interfaces.
- Three new tools: keytool is used to create public/private keys; to display, import, and export certificates; and to generate X.509 v1 self-signed certificates. jarsigner signs JAR (Java Archive Format) files, and verifies the signature(s) of signed JAR files. policytool creates and modifies the external policy configuration files that define your installation's Java security policy.
- Lists the enhancements and changes to JavaTM 2 Platform Security introduced with this release.
Located on the Java Software web site:
|firstname.lastname@example.org. This is not a subscription list.||