index [ptgmedia.pearsoncmg.com]ptgmedia.pearsoncmg.com/images/0201787911/index/gongindex.pdf ·...
TRANSCRIPT
339
Index
Symbols${/} shortcut for ${file.separator} 284${property} to specify property value 283–
285/ always used in codeBase URLs as directory
separator 278/ at end of codeBase URL 278/- at end of codeBase URL 278/* at end of codeBase URL 278\\ for single backslash in file paths 281
AAbstract Syntax Notation 1 (ASN.1) stan-
dard 131, 194accept method 251acceptSecContext method 244, 248access control
algorithmbasic 94–97extended 98–101full 107–109, 150–152
code-centric 142context
See contextprincipal-based 150–152user-centric 142
AccessControlContext class 90–91, 94, 105–109, 124–125, 150–151
See also contextAccessControlException class 94, 158AccessController class 92–112, 150–151
interface design 93versus SecurityManager class 109–110
actions, permissions 60
add methodPermissionCollection class 66Permissions class 67
adding providers 187, 273–274addProvider method 187, 273AES (Advanced Encryption Standard) 14,
233, 236algorithm specifications 237–240algorithm-independent initialization 202AlgorithmParameterGenerator class 194AlgorithmParameters class 193, 213AlgorithmParameterSpec interface 193algorithm-specific initialization 203alias, keystore entry 205, 290aliases method 205AllPermission class 63–64, 68AppletClassLoader class 44, 49, 53applets 25
signed 29–30appletviewer utility program 44–45, 271application class loader 43, 45, 49application class path 55–56application classes 43architecture, security
benefits 37customizing 113–125deploying 265–308new, reasons for 31–34original 25–27overview 34–39
ASN.1 (Abstract Syntax Notation 1) stan-dard 131, 194
asymmetric cipher 15–16AudioPermission class 62
gfeIX.fm Page 339 Wednesday, April 30, 2003 4:50 PM
Index340
auditing permission calls 119–120authenticated identity 127authentication
digital signature 138distributed end entity 152–156entity 127JAAS 141–148, 153Java GSS-API 152–154, 242JSSE 152, 155–156overview 16–19peer-to-peer 152
Authenticator class 152–153authorization 141–142, 149–152AuthPermission class 62AWTPermission class 62, 114
BBase64 encoding 131, 140, 225BasicPermission class 59–60, 62–63Bell-LaPadula confidentiality model 8, 12Blowfish
algorithm description 231standard algorithm name 231, 233, 236SunJCE implementation 186, 209, 214
bootstrap class loader 38, 42, 45Bracha, G. 43build method 136bytecode verification 26–29
CCA
See Certification Authoritycacerts keystore file 295–296CallbackHandler interface 147–149callbacks, for login modules 148–149Cambridge Time-Sharing Computer System
13CBC (Cipher Block Chaining mode) 234certificate chains 16, 293, 295Certificate class 134, 144
programming example 225–226certificate reply 225, 293–294Certificate Revocation List (CRL) 130, 134,
201Certificate Signing Request (CSR) 132, 225
keytool generation of 293, 298, 300certificate type standard names 232CertificateFactory class 134–135, 201
programming example 225–226certificates
See digital certificatesCertification Authority 128, 132, 225certification path 128, 134–137Certification Practice Statement (CPS) 132CertPath class 135–136CertPathBuilder class 136–137CertPathBuilderException class 136CertPathBuilderResult interface 136CertPathParameters interface 136CertPathValidator class 135, 137CertPathValidatorResult interface 135CertStore class 137CFB (Cipher Feedback mode) 234checkGuard method 172, 174–175checkPermission method
AccessControlContext class 90AccessController class 90–91, 93–94, 109–
110, 125SecurityManager class 88–90, 92–93, 109–
110Chinese Remainder Theorem (CRT) 198–
199Chinese Wall security model 11cipher
See also Cipher classasymmetric 15–16definition 178standard names for algorithm, mode, and
padding 233symmetric 14
Cipher Block Chaining mode (CBC) 234Cipher class 208–214
See also cipherprogramming example 226–227
Cipher Feedback mode (CFB) 234ciphertext 14–15Clark-Wilson integrity model 11class loading 41–56
application class loader 43, 45, 49bootstrap class loader 38, 42, 45custom class loaders 44defining a class 50–51defining class loader 42, 46delegation of class loader 45–50extension class loader 43, 45initiating class loader 42, 45
gfeIX.fm Page 340 Wednesday, April 30, 2003 4:50 PM
Index 341
lazy loading 41multiple namespaces 41primordial class loader 38, 42
classes (concepts and use)association with ProtectionDomains 74class type 42defining 50–51file format 25, 42files 42finding 47inner classes, security issues 167loading
See class loadingpaths 55–56system classes 43, 55–56, 78
classes (listed by name)AccessControlContext 90–91, 94, 105–109,
124–125, 150–151AccessControlException 94, 158AccessController 92–112, 150–151AlgorithmParameterGenerator 194AlgorithmParameters 193, 213AllPermission 63–64, 68AppletClassLoader 44, 49, 53AudioPermission 62Authenticator 152–153AuthPermission 62AWTPermission 62, 114BasicPermission 59–60, 62–63Certificate 134, 144, 225–226CertificateFactory 134–135, 201, 225–226CertPath 135–136CertPathBuilder 136–137CertPathBuilderException 136CertPathValidator 135, 137CertStore 137Cipher 208–214, 226–227ClassLoader 43, 45CodeSource 69–74Configuration 146CRL 134DelegationPermission 62, 245, 247DESedeKeySpec 216DESKeySpec 216–217DSAParameterSpec 193, 222DSAPrivateKeySpec 197–198, 223DSAPublicKeySpec 198, 200, 224EncodedKeySpec 199
FileInputStream 175–176FilePermission 58–60, 119, 175GSSManager 242–245, 247GuardedObject 172–176HttpsURLConnection 253–254InvalidAlgorithmParameterException 136,
210InvalidKeyException 210IvParameterSpec 214KeyAgreement 217–219KeyFactory 185, 200, 223–224KeyFactorySpi 185KeyGenerator 215–216, 226KeyManagerFactory 250, 258–260KeyPair 202, 222–224KeyPairGenerator 202, 222KeyStore 137, 203–205, 257, 291–292Krb5LoginModule 152, 154–155Logger 119LoggingPermission 62LoginContext 146–147Mac 219–220MessageDigest 185, 188–189, 220–222MessageDigestSpi 185MessageProp 249NetPermission 62PasswordAuthentication 153PBEKeySpec 216, 227, 230PBEParameterSpec 214, 229Permission 59–62, 113, 174PermissionCollection 66–67, 114Permissions 67PKCS8EncodedKeySpec 199PKIXParameters 136Policy 57, 80–82PrivateCredentialPermission 145PropertyPermission 62, 114ProtectionDomain 50–51, 74–79, 152Provider 188, 273Random 206ReflectPermission 62, 68RSAMultiPrimePrivateCrtKeySpec 199RSAPrivateCrtKeySpec 198RSAPrivateKeySpec 198–199RSAPublicKeySpec 199RuntimePermission 60, 62, 113–114SealedObject 171–172SecretKeyFactory 216–217, 229
gfeIX.fm Page 341 Wednesday, April 30, 2003 4:50 PM
Index342
classes (listed by name), continuedSecretKeySpec 217SecureClassLoader 43–53SecureRandom 206–208, 222Security 187–188SecurityException 82, 158SecurityManager 87–90, 92, 109–110,
118–120, 150SecurityPermission 62SerializablePermission 62ServerSocketFactory 250ServicePermission 154–155, 245–247Signature 169, 184, 190–192, 222–224SignatureSpi 184SignedObject 168–171SocketFactory 250SocketPermission 113SQLPermission 62SSLContext 250, 252, 254–256SSLPermission 62SSLServerSocket 250–251SSLServerSocketFactory 250–252SSLSocket 250–252SSLSocketFactory 250–253, 255Subject 144–152, 154SubjectDomainCombiner 125System 89TrustAnchor 136TrustManagerFactory 250, 256–258UnresolvedPermission 64–66URLClassLoader 43–44, 49, 53–54X500Principal 283, 306X509Certificate 134, 201X509CRL 134, 201X509CRLEntry 134X509EncodedKeySpec 200, 224
ClassLoader class 43, 45CLASSPATH 43, 55–56client containers 324–325clone method 165codeBase 277–278code-centric access control 142CodeSource class 69–74combine method 91, 125Comité Consultatif International Télépho-
nique et Télégraphique 128
confidentialityof data 3, 12, 248of objects 157, 171
Configuration class 146context
access control 90–91, 94, 105–109, 124See also AccessControlContext class
GSS-APISee GSSContext interface
covert channels 9–10CPS (Certification Practice Statement) 132createAccessControlContext permission 92createClassLoader permission 46createContext method 244createCredential method 243createName method 242–243createSecurityManager permission 88credentials
cache 154delegation 244, 248Java GSS-API 242–246overview 144–145types 155
CRL (Certificate Revocation List) 130, 134, 201
CRL class 134cryptanalysis 12Cryptographic Service Provider (CSP)
See providerscryptography 12–16
See also JCA; JCEconcepts 178–179services 179, 182versus computer security 2, 12
cryptology 12CSP (Cryptographic Service Provider)
See providersCSR (Certificate Signing Request) 132, 225
keytool generation of 293, 298, 300customizing the security architecture 113–
125
DDAC (discretionary access control) security
model 8Damgšard, I. B. 13
gfeIX.fm Page 342 Wednesday, April 30, 2003 4:50 PM
Index 343
Data Encryption StandardSee DES
decidability of system security 11decryption
definition 178keys used for 15of data 210–211of SealedObject 171of signature 139programming example 226–227reversibility 16
defineClass methodClassLoader class 50–51SecureClassLoader class 52
delegationclass loader 45–50credentials, Java GSS-API 247
DelegationPermission class 62, 245, 247deleteEntry method 205denial-of-service attacks 3deploying the security architecture 265–308DER (Distinguished Encoding Rules) stan-
dard 131, 197DES (Data Encryption Standard)
algorithm description 14, 231programming example 226standard algorithm name 231, 234, 236SunJCE implementation 186, 209, 214
DES-EDE (triple DES) cipher algorithmSunJCE implementation 209, 214
DESede standard algorithm name 231, 234, 236
DESedeKeySpec class 216deserialization 163DESKeySpec class 216–217Diffie-Hellman
algorithm description 16, 231keys 216, 218
DiffieHellman standard algorithm name 231digest
See hashdigest method 189, 221digital certificates
See also Certificate Revocation List; certifi-cation path; X.509‚ certificates
APIs 133Base64 encoding 131
chains 16, 128fingerprints 294, 299generating 201issuer 131obtaining 131overview 128–134public key 128–137reading file containing 225–226referenced by CodeSource 69root certificate 16, 128self-signed 16, 131subject 131–132
digital signatureciphertext used as 16of code 29, 138–141description 178generating and verifying 222–224
Digital Signature AlgorithmSee DSA
digital signature algorithm standard names 231
dispose method 248Distinguished Encoding Rules (DER) stan-
dard 131, 197Distinguished Name (DN) 129, 131, 300
sample 306–307distributed end-entity authentication 152–
156DN (Distinguished Name) 129, 131, 300
sample 306–307DNS (Domain Name Service) 19doAs
method 150–151See also privileged code
permission 151doAsPrivileged
method 150–151See also privileged code
permission 151doFinal method
Cipher class 210–211, 213–214, 227, 230Mac class 220
Domain Name Service (DNS) 19DomainCombiner interface 91–92, 124–125,
152domains
See protection domains
gfeIX.fm Page 343 Wednesday, April 30, 2003 4:50 PM
Index344
doPhase method 218doPrivileged method 91, 93, 99–109, 125,
162See also privileged code
DSA (Digital Signature Algorithm)description 231KeyFactory 182key-pair generation algorithm specification
239–240limitations 16parameter generation algorithm specifica-
tion 240programming examples 222–224signature algorithm specification 238standard algorithm name 231
DSAParameterSpec class 193, 222DSAPrivateKeySpec class 197–198, 223DSAPublicKeySpec class 198, 200, 224
programming example 224dynamic policy 84
Eeager evaluation implementation 108ECB (Electronic Code Book mode) 209, 226,
234Electronic Code Book mode (ECB)
See ECBEMACS 20EncodedKeySpec class 199encryption
definition 178keys used for 15of data 210–211of digest (hash) 139of SealedObject 171programming example 226–230reversibility 16
end entity 132engine classes 179, 182–185equals method
AllPermission class 63BasicPermission class 63CodeSource class 70–71Permission class 60
extension class loader 43, 45
Ffactory 184
FileInputStream class 175–176FilePermission class 58–60, 119, 175findClass method
ClassLoader class 47URLClassLoader class 53
findLoadedClass method 47–48fingerprints (file hash values) 65, 178, 294,
299firewalls 6–7
GgenerateCertificate method 201, 225generateCertificates method 201, 225generateCertPath method 135generateCRL method 201generateCRLs method 201generateKey method 172, 216, 226generateKeyPair method 203, 222generateParameters method 196generatePrivate method 200, 223generatePublic method 200, 224generateSecret method 217, 219, 229generateSeed method 208generator 184Generic Security Service API
See GSS-APIgetAlgorithm method 196, 212getCertificate method 205getCertificateAlias method 205getCertificateChain method 205getCertPath method 136getClassContext method 88getClassLoader
method 46–47permission 47
getContext method 91, 94, 125getDefault method
SSLServerSocketFactory class 250SSLSocketFactory class 250, 252, 255
getDefaultType method 204, 292, 302getDelegCred method 244getEncoded method 194, 197, 213, 224getFormat method 197getInstance method
AlgorithmParameterGenerator class 195AlgorithmParameters class 193, 213Certificate class 201CertificateFactory class 134–135, 201, 225
gfeIX.fm Page 344 Wednesday, April 30, 2003 4:50 PM
Index 345
CertPathBuilder class 136CertPathValidator class 136–137Cipher class 172, 208–209, 213, 227, 230GSSManager class 242KeyAgreement class 217KeyFactory class 200, 223KeyGenerator class 172, 215, 226KeyManagerFactory class 259KeyPairGenerator class 202, 222KeyStore class 204Mac class 219MessageDigest class 188, 221SecretKeyFactory class 216–217, 229SecureRandom class 207, 222Signature class 169, 190, 222–224SSLContext class 250, 255TrustManagerFactory class 256–257
getKey method 205getKeyManagers method 250getKeySpec method 201, 224getMIC method 248–249getObject method 170getOutputSize method 214getParameters method 213getParameterSpec method 192, 194getParent method 45–47getPasswordAuthentication method 153getPermissions method
Policy class 81–82SecureClassLoader class 52–53URLClassLoader class 53
getPolicymethod 81–82permission 81
getPrivate method 223getProperty method 188, 302getProtectionDomain
method 51, 78, 88permission 51, 78
getProvider method 187getProviders method 187getPublic method 223getSecurityContext method 89–90getSecurityManager method 89getSubject permission 245getSubjectFromDomainCombiner permis-
sion 245
getSupportedProtocols method 255getSystemClassLoader method 43, 45–47,
49getTrustManagers method 250Goguen, J. A. 10grant entries in policy files 276–281GSS-API (Generic Security Service API)
143, 154See also Java GSS-API
GSSContext interface 242, 247–249GSSCredential interface 242–246GSSManager class 242–245, 247GSSName interface 242–243Guard interface 172–176GuardedObject class 172–176
Hhash 13–14, 138–139, 179, 220–222
definition 178High-Watermark security model 11HMAC definition 179HmacMD5 standard algorithm name 236HMAC-MD5 SunJCE implementation 220HmacSHA1 standard algorithm name 236–
237HMAC-SHA1 SunJCE implementation 220HostnameVerifier interface 253HttpsURLConnection class 253–254
IIETF (Internet Engineering Task Force) 17immutability
of CodeSource objects 70of objects 161–162of Permission objects 61
implies methodAllPermission class 63BasicPermission class 63, 114CodeSource class 70–73Permission class 60–61PermissionCollection class 66Permissions class 67Policy class 81ProtectionDomain class 77
inheritancecontext 105method 97–98
gfeIX.fm Page 345 Wednesday, April 30, 2003 4:50 PM
Index346
init methodAlgorithmParameterGenerator class 195AlgorithmParameters class 193, 213Cipher class 172, 209, 213–214, 227, 230KeyAgreement class 218KeyGenerator class 215KeyManagerFactory class 250, 259Mac class 219SSLContext class 250, 254–255TrustManagerFactory class 250, 257
initialize method 202–203, 222initiating class loader 42, 45initSecContext method 244, 248initSign method 190, 223initVerify method 190, 223–224inner classes, security issues 167insertProvider.providerName permission 273insertProviderAt method 187, 273installation directory <java.home> 266–267installing
J2SE 266providers 271–272security manager 89, 271
integrityof data 3–4, 11–13, 138of objects 157, 171protection 248
interfaces (listed by name)AlgorithmParameterSpec 193CallbackHandler 147–149CertPathBuilderResult 136CertPathParameters 136CertPathValidatorResult 135DomainCombiner 91–92, 124–125, 152GSSContext 242, 247–249GSSCredential 242–246GSSName 242–243Guard 172–176HostnameVerifier 253Key 196–197KeyManager 155, 250, 256, 258KeySpec 197–198LoginModule 146ManagerFactoryParameters 257Principal 74, 144, 149–152, 154PrivateKey 197
PrivilegedAction 100, 102–107PrivilegedExceptionAction 104–105, 151PublicKey 197SecretKey 217, 219Serializable 163–168, 171SSLSession 250, 252TrustManager 250, 256X509Extension 134
International Telecommunication Union (ITU) 128
Internet Engineering Task Force (IETF) 17InvalidAlgorithmParameterException class
136, 210InvalidKeyException class 210IPSec protocol 133, 142isCertificateEntry method 205isKeyEntry method 205isProtReady method 248ITU (International Telecommunication
Union) 128IvParameterSpec class 214
JJ2EE 323–324JAAS (Java Authentication and Authoriza-
tion Service) 141–152authentication 141–148, 153authorization 149–152callbacks 148credentials 144login configuration files 286–289principal-based access control 150–152principals 143subjects 143
JAR filesdescription 301example of signing and verification 304–306format 139–141signature verification 299, 303–304signing 301–303
jar tool 301jarsigner utility 203, 301–306
example of JAR file signature and verifica-tion 304–306
file extensions 302JAR file signature verification 303–304
gfeIX.fm Page 346 Wednesday, April 30, 2003 4:50 PM
Index 347
JAR file signing 301–303options
-keypass 301, 304-keystore 301, 304-sigFile 302-signedjar 301, 304-storepass 301, 304-storetype 291, 301-verbose 305
Javaapplication 25platform 20, 25programming language 24–26technology 20virtual machine
See JVMJava 2 Micro Edition 314–316Java Authentication and Authorization Ser-
vice (JAAS)See JAAS
Java Card 310–314Java Certification Path API
basic classes 135building classes 136certificate/CRL storage classes 137overview 133–137PKIX classes 137validation classes 135–136
Java Cryptography ArchitectureSee JCA
Java Cryptography ExtensionSee JCE
Java Generic Security Service APISee Java GSS-API
Java GSS-API (Java Generic Security Ser-vice API)
authentication 152–154, 242confidentiality and integrity controls 242–
249credential delegation 247message security 249security context establishment 247–249
Java Plug-in 45Java Remote Method Invocation (Java RMI)
157Java Secure Socket Extension
See JSSE
Java Web Start 45java.home system property 266java.security security properties file 268–269java.security.manager system property 271java.security.policy system property 121,
271java.security.properties system property 270JCA (Java Cryptography Architecture) 177–
240See also cryptography; JCEalgorithm parameters 192–196concepts 178–179core classes 187–208design principles 179–180JCE classes 208–220
JCE (Java Cryptography Extension) 177, 181–240
See also cryptography; JCAclasses 208–220
JCEKS keystore type 204, 233JDK to Java 2 SDK terminology shift 30Jini Network Technology 320–323JKS keystore type 155, 204, 233, 291, 296JSSE (Java Secure Socket Extension)
authentication 152, 155–156confidentiality and integrity controls 249–
260core classes 250–260SSL context establishment 250
JVM (Java virtual machine) 21, 24–29, 41, 45
KKerberos
See also Krb5LoginModule classmechanism 143protocol 17, 142tickets 144V5 GSS-API mechanism 153–154, 242–249
key agreement 178key algorithm standard names 231key distribution centers 17key entry 155, 289key generator algorithm standard names 236Key interface 196–197key manager 254, 256, 258
See also KeyManager interface
gfeIX.fm Page 347 Wednesday, April 30, 2003 4:50 PM
Index348
key-pair generationSee KeyPairGenerator class; keytool utility
key specification 223KeyAgreement class 217–219KeyFactory class 185, 200
programming example 223–224KeyFactorySpi class 185KeyGenerator class 215–216, 226KeyManager interface 155, 250, 256, 258KeyManagerFactory class 250, 258–260KeyNote 144KeyPair class 202, 222–224KeyPairGenerator class 202
programming example 222keys
cryptographic 144encryption 4, 12private 15, 128, 132, 139public 15–16, 128, 132–134, 139secret 12, 14, 16–17, 178, 216, 219unwrapping 211–212wrapping 211–212
KeySpec interface 197–198keystore
See also Keystore classcacerts file 295–296default file name 291default implementation 289definition 155description and use 289–292policy file entry 276standard names for types 233type 291, 296, 301
KeyStore class 137, 203–205, 257, 291–292See also keystore
keystore.type security property 291–292, 302
keytool utility 131, 203, 292–300cacerts keystore file 295–296Certificate Signing Request (CSR) genera-
tion 293, 298, 300certificates
exporting 296, 299importing 294–296, 299importing certificate reply 295, 299–300printing information for 294, 299
commands-certreq 293, 298, 300-delete 300-export 296, 299-genkey 290, 293, 297-help 297-import 294–296, 299–300-keyclone 300-keypasswd 291-list 296-printcert 294, 299-selfcert 300
defaults 292examples of use 297–300help 297key-pair generation 290, 293, 297keystore creation 297keystore entry
aliases 290cloning 300removing 300
options-alias 290default values 297-dname 306-keystore 291ordering 292-rfc 296-storepass 297-storetype 291-trustcacerts 295–296
passwordassigning 297changing 291
printing keystore contents 296self-signed certificate generation 300
Knuth, Donald 13Krb5LoginModule class 152, 154–155
See also Kerberos
LLampson, B. W. 9lazy evaluation implementation 108lazy loading 41LDAP (Lightweight Directory Access Proto-
col) 133, 137
gfeIX.fm Page 348 Wednesday, April 30, 2003 4:50 PM
Index 349
least privilege, principle of 97, 138legacy systems 11Liang, S. 43Lightweight Directory Access Protocol
(LDAP) 133, 137linking 41LISP 20load method 204loadClass methods 47–49loading classes
See class loadingLogger class 119logging permission calls 119–120LoggingPermission class 62login configuration files 286–289login context 145–149login module 146–149, 286–288LoginContext class 146–147LoginModule interface 146
MMAC (mandatory access control) security
model 8–10MAC (message authentication code) 13, 178,
219–220Mac algorithm standard names 236Mac class 219–220ManagerFactoryParameters interface 257manifest file 139–140MD2 message digest algorithm 238MD2withRSA signature algorithm 238MD5 message digest algorithm
specification 238use in HMAC 179
MD5withRSA signature algorithm 238Merkle, R. C. 13Meseguer, J. 10message authentication code (MAC) 13, 178,
219–220message digest (hash)
algorithm standard names 230definition 178example of computing 220–222
MessageDigest class 185, 188–189programming example 220–222
MessageDigestSpi class 185MessageProp class 249META-INF JAR file directory 139
methods (listed by name)accept 251acceptSecContext 244, 248add
PermissionCollection class 66Permissions class 67
addProvider 187, 273aliases 205build 136checkGuard 172, 174–175checkPermission
AccessControlContext 90AccessControlContext class 90AccessController class 90–91, 93–94,
109–110, 125SecurityManager class 88–90, 92–93,
109–110clone 165combine 91, 125createContext 244createCredential 243createName 242–243defineClass
ClassLoader class 50–51SecureClassLoader class 52
deleteEntry 205digest 189, 221dispose 248doAs 150–151doAsPrivileged 150–151doFinal
Cipher class 210–211, 213–214, 227, 230Mac class 220
doPhase 218doPrivileged 91, 93, 99–109, 125, 162equals
AllPermission class 63BasicPermission class 63CodeSource class 70–71Permission class 60
findClassClassLoader class 47URLClassLoader class 53
findLoadedClass 47–48generateCertificate 201, 225generateCertificates 201, 225generateCertPath 135generateCRL 201
gfeIX.fm Page 349 Wednesday, April 30, 2003 4:50 PM
Index350
methods (listed by name), continuedgenerateCRLs 201generateKey 172, 216, 226generateKeyPair 203, 222generateParameters 196generatePrivate 200, 223generatePublic 200, 224generateSecret 217, 219, 229generateSeed 208getAlgorithm 196, 212getCertificate 205getCertificateAlias 205getCertificateChain 205getCertPath 136getClassContext 88getClassLoader 46–47getContext 91, 94, 125getDefault
SSLServerSocketFactory class 250SSLSocketFactory class 250, 252, 255
getDefaultType 204, 292, 302getDelegCred 244getEncoded 194, 197, 213, 224getFormat 197getInstance
AlgorithmParameterGenerator class 195AlgorithmParameters class 193, 213Certificate class 201CertificateFactory class 134–135, 201,
225CertPathBuilder class 136CertPathValidator class 136–137Cipher class 172, 208–209, 213, 227, 230GSSManager class 242KeyAgreement class 217KeyFactory class 200, 223KeyGenerator class 172, 215, 226KeyManagerFactory class 259KeyPairGenerator class 202, 222KeyStore class 204Mac class 219MessageDigest class 188, 221SecretKeyFactory class 216–217, 229SecureRandom class 207, 222Signature class 169, 190, 222–224SSLContext class 250, 255TrustManagerFactory class 256–257
getKey 205getKeyManagers 250
getKeySpec 201, 224getMIC 248–249getObject 170getOutputSize 214getParameters 213getParameterSpec 192, 194getParent 45–47getPasswordAuthentication 153getPermissions
Policy class 81–82SecureClassLoader class 52–53URLClassLoader class 53
getPolicy 81–82getPrivate 223getProperty 188, 302getProtectionDomain 51, 78, 88getProvider 187getProviders 187getPublic 223getSecurityContext 89–90getSecurityManager 89getSupportedProtocols 255getSystemClassLoader 45–47, 49getTrustManagers 250implies
AllPermission class 63BasicPermission class 63, 114CodeSource class 70–73Permission class 60–61PermissionCollection class 66Permissions class 67Policy class 81ProtectionDomain class 77
init 195AlgorithmParameters class 193, 213Cipher class 172, 209, 213–214, 227, 230KeyAgreement class 218KeyGenerator class 215KeyManagerFactory class 250, 259Mac class 219SSLContext class 250, 254–255TrustManagerFactory class 250, 257
initialize 202–203, 222initSecContext 244, 248initSign 190, 223initVerify 190, 223–224insertProviderAt 187, 273isCertificateEntry 205isKeyEntry 205
gfeIX.fm Page 350 Wednesday, April 30, 2003 4:50 PM
Index 351
isProtReady 248load 204loadClass 47–49newInstance 54newPermissionCollection 60–61, 66nextBytes 207Oid 242readObject 163–167readPasswd 228readResolve 165refresh 81–82removeProvider 187requestCredDeleg 244requestPasswordAuthentication 153resolveClass 47, 49run
PrivilegedAction interface 100–105, 107,151
PrivilegedExceptionAction interface 151setCertificateEntry 205setDefaultSSLSocketFactory 253setEnabledProtocols 255setKeyEntry 205setPolicy 81–82setProperty
Security class 188System class 267
setSecurityManager 89setSeed 207, 222setSigners 51setSSLSocketFactory 253sign 191, 223store 205toString 60–61unwrap 212, 249update
Cipher class 211, 214Mac class 220MessageDigest class 189, 221Signature class 191, 223–224
validate 136verify 170, 191, 223–224verifyMIC 249wrap 211, 248–249writeObject 164
Meyer, C. H. 13Microsoft Windows 21Microsoft Word documents with macros 19
MIT (Massachusetts Institute of Technology) 17
mobile code 19–20modes
Cipher initialization 209–212Cipher transformation 208, 234
mutability of objects 161–162mutual authentication 248
Nnames
permission target names 60standard 230–237
namespaces, multiple 41Naor, M. 13native methods, security issues 167Needham, Roger 13Needham-Schroeder protocol 17–18NetPermission class 62network security 241–263newInstance method 54newPermissionCollection method 60–61, 66nextBytes method 207NONE cipher mode 234NoPadding 235
OOAEPWith<digest>And<mgf>Padding 235object
guardingSee GuardedObject class
identifier (OID) 154sealing
See SealedObject classsecurity 157–176signing
See SignedObject classOFB (Output Feedback mode) 234OID (object identifier) 154Oid method 242one-time pad 12one-way hash 13–14, 138–139, 179, 220–222
definition 178opaque key representation 196, 200, 216opaque parameter representation 192OTP standard 17Output Feedback mode (OFB) 234overt channels 9
gfeIX.fm Page 351 Wednesday, April 30, 2003 4:50 PM
Index352
Ppadding schemes, cipher 208, 235PAM 145parameter algorithm standard names 231PasswordAuthentication class 153password-based encryption
See PBEpasswords, problems with 19PBE (password-based encryption)
algorithm description 178programming example 212, 227–230standard algorithm name 231
PBEKeySpec class 216programming example 227, 230
PBEParameterSpec class 214programming example 229
PBEWith<digest>And<encryption> 234, 236
PBEWith<mac> 237PBEWith<prf>And<encryption> 234, 236PBEWithHmacSHA1AndDESede 234PBEWithMD5AndDES 214, 234PCBC (Propagating Cipher Block Chaining)
234PEM (Privacy Enhancement for Internet
Electronic Mail) 129perimeter defense 4–8Permission class 59–62, 113, 174permission classes
See classes (listed by name) for Permission class names
permission policy file entry 279–281PermissionCollection class 66–67, 114permissions (concepts and use)
actions argument 60assigning 83–84checking 88, 94–101, 107–109creating new types 113–118dangers of granting 67–68equality 61equivalence 61implication 61
See also implies methodnamed permissions 62names 60positive versus negative 59, 68–69sets 66–67spanning 86, 124
target name argument 60unresolved 64–66
Permissions class 67PGP certificates 134PKCS #1 235PKCS #5–style padding 226PKCS #7 225, 294PKCS #8 197, 200PKCS12 keystore type 155, 233PKCS5Padding 209, 235PKCS8EncodedKeySpec class 199PKIX
algorithm 135–136classes 137standards 132
PKIXParameters class 136plaintext 14–15pluggable authentication 145policy
See also Policy classappending 270–271customizing 118–124definition 57enforcing 87–112files, examples 281–283format, default 276–281locations 274–276management for nonexperts 307–308overriding 270–271overview 79–82specifying 57–84store (repository) 120
Policy class 57, 80–82See also policyalternative implementation 285–286default implementation 80
Policy provider, custom 120–124Policy Tool 203policy.allowSystemProperty security proper-
ty 121, 271policy.provider security property 285policy.url.n security properties 121, 275PostScript files 19preference order 181, 273primordial class loader 38, 42principal 143–144Principal interface 74, 144, 149–152, 154principal policy file entry 277–279
gfeIX.fm Page 352 Wednesday, April 30, 2003 4:50 PM
Index 353
principal-based access control 150–152principle of least privilege 97, 138Privacy Enhancement for Internet Electron-
ic Mail (PEM) 129private key 15PrivateCredentialPermission class 145PrivateKey interface 197privileged code
See also doAs method; doAsPrivileged method; doPrivileged method
brief history 110–112overview 98–109security issues 162–163
PrivilegedAction interface 100, 102–107PrivilegedExceptionAction interface 104–
105, 151PRNG (pseudo-random-number generator)
206–207Propagating Cipher Block Chaining (PCBC)
234properties
expansion in policy files 283–285security
appending 270default values 269keystore.type 291–292, 302overriding 270policy.allowSystemProperty 121, 271policy.provider 285policy.url.n 121, 275security.overridePropertiesFile 270security.provider.n 273setting values for 268–269
systemjava.home 266java.security.manager 271java.security.policy 121, 271java.security.properties 270setting values for 267user.home 268
PropertyPermission class 62, 114protection domains
See also ProtectionDomain classaccess control
basic algorithm 94–97extended algorithm 98–101full algorithm 107–109
combining 91–92
creating 75–77system domain 78, 94types 94
ProtectionDomain class 50–51, 74–79, 152See also protection domains
protocol, secure socket 255Provider class 188, 273providers
See also Provider classadding 273–274configuring 273–274installing 271–272master class 273overview 179–180Policy 120–124preference order 181, 273SUN 185–187, 203, 207, 232–233SunJCE 186–187, 209, 214, 216, 220SunJSSE 254, 256–259
pseudo-random-number generator (PRNG) 206–207
public fields, security issues 158, 160public key 15public methods, security issues 158, 160public-key certificates
See digital certificatespublic-key cryptography 138PublicKey interface 197
QQOP (quality-of-protection) 249
RRabin, M. O. 13Random class 206random-number generation 206–208
algorithm standard names 232RC2 cipher algorithm 234RC4 cipher algorithm 234RC5 cipher algorithm 234readObject method 163–167readPasswd method 228readResolve method 165ReflectPermission class 62, 68refresh method 81–82Remote Method Invocation (RMI) 260–263Remote Procedure Call (RPC) 19removeProvider method 187
gfeIX.fm Page 353 Wednesday, April 30, 2003 4:50 PM
Index354
replay detection 248requestCredDeleg method 244requestPasswordAuthentication method 153resolveClass method 47, 49RFC 2104 179RFC 2587 133RFC 2743 154RFC 3280 137RFC 822 140Rivest, R. L. 13RMI (Remote Method Invocation) 260–263root certificate 16RPC (Remote Procedure Call) 19RSA
description 231key-pair generation algorithm specification
240standard algorithm name 231, 234usage 16
RSA-based signature algorithms 238RSAMultiPrimePrivateCrtKeySpec class
199RSAPrivateCrtKeySpec class 198RSAPrivateKeySpec class 198–199RSAPublicKeySpec class 199run method
PrivilegedAction interface 100–105, 107, 151
PrivilegedExceptionAction interface 151RuntimePermission class 60, 62, 113–114
SS/MIME protocol 133sandbox model 25, 33
limitations of 32SASL (Simple Authentication and Security
Layer Application Programmer’s In-terface) 143
Schilling, M. 13SDK from JDK terminology shift 30SDSI certificates 134SealedObject class 171–172secret keys 12, 14, 16–17, 178, 216, 219secret-key ciphers 14secret-key factory algorithm standard names
236SecretKey interface 217, 219SecretKeyFactory class 216–217
programming example 229
SecretKeySpec class 217secure socket protocol 255SecureClassLoader class 43–53SecureRandom class 206–208
programming example 222security
architectureSee architecture, security
attack types 3basic features of Java security 23–30exceptions 157–158fundamentals 1–21manager
See also SecurityManager classexample use 88installation 89, 271
models 8–12network 241–263of objects 157–176policy
See policyproperties
See propertiesproperties file 121, 268–269tools 289–306versus cryptography 2, 12
Security class 187–188security.overridePropertiesFile security
property 270security.provider.n security property 273SecurityException class 82, 158SecurityManager class 87–90, 92
See also security managercheckPermission methods 89–90default implementation 150subclassing examples 118–120versus AccessController class 109–110
SecurityPermission class 62seeds for random-number generators 206–
208self-signed certificate 16, 297sequencing 248Serializable interface 163–168, 171SerializablePermission class 62serialization 163–167ServerSocketFactory class 250service attribute standard names 233service provider
See providers
gfeIX.fm Page 354 Wednesday, April 30, 2003 4:50 PM
Index 355
Service Provider Interface (SPI) 184ServicePermission class 154–155, 245–247setCertificateEntry method 205setDefaultSSLSocketFactory method 253setEnabledProtocols method 255setKeyEntry method 205setPolicy
method 81–82permission 81
setProperty methodSecurity class 188System class 267
sets of permissions 66–67setSecurityManager
method 89permission 89
setSeed methods 207, 222setSigners method 51setSSLSocketFactory method 253setting property values
security 268–269system 267
SHA-1 message digest algorithmprogramming example 220–222specification 238use in HMAC 179
SHA1PRNG pseudo-random-number gener-ation algorithm 232
SHA1withDSA signature algorithm 238SHA1withRSA signature algorithm 238SHA-256 message digest algorithm 231SHA-384 message digest algorithm 231SHA-512 message digest algorithm 231Shannon, Claude 12sign method 191, 223signature
See digital signaturesignature (instructions) file 140, 302signature block file 140, 302Signature class 169, 184, 190–192, 222–224SignatureSpi class 184signed code 29–30, 138–141signedBy 277–280SignedObject class 168–171Simple Authentication and Security Layer
Application Programmer’s Interface (SASL) 143
Simple Public Key Mechanism (SPKM) 143single sign-on 144, 245smart cards 19socket factories 251SocketFactory class 250SocketPermission class 113spanning permissions 86, 124SPI (Service Provider Interface) 184SPKI 144SPKM (Simple Public Key Mechanism) 143SQLPermission class 62SSL protocol 133, 155SSL3Padding 235SSLContext class 250, 252, 254–256SSLPermission class 62SSLServerSocket class 250–251SSLServerSocketFactory class 250–252SSLSession interface 250, 252SSLSocket class 250–252SSLSocketFactory class 250–253, 255stacked authentication 146standard names 230–237static fields, security issues 160store method 205subject
See also Subject classdefined 143–144digital certificate 131–132
Subject class 144–152, 154SubjectDomainCombiner class 125SUN provider 185–187, 203, 207, 232–233SunJCE provider 186–187, 209, 214, 216,
220SunJSSE provider 254, 256–259symmetric cipher 14System class 89system classes 43, 55–56, 78system domain
See protection domainssystem properties
See properties
Ttainted variables 163target name, permissions 60terminology shift from JDK to Java 2 SDK
30
gfeIX.fm Page 355 Wednesday, April 30, 2003 4:50 PM
Index356
TGS (Ticket Granting Service) 246TGT (Ticket Granting Ticket) 154Ticket Granting Service (TGS) 246Ticket Granting Ticket (TGT) 154TLS protocol 133toString method 60–61transformation 208–209transient keyword 166transparent key representation 196–197, 216transparent parameter representation 192Triple DES
See DES-EDEtriple-DES 14Trojan horse 9trust anchor 128trust manager 254, 256, 258
See also TrustManager interfacetrust, establishing 127–156TrustAnchor class 136trusted certificate entry 155, 290, 294Trusted Third Party (TTP) 132TrustManager interface 250, 256
See also trust managerTrustManagerFactory class 250, 256–258truststore 155type safety 27–29type-safe linkage 41
UUnresolvedPermission class 64–66unwrap method 212, 249update method
Cipher class 211, 214Mac class 220MessageDigest class 189, 221Signature class 191, 223–224
URL (Universal Resource Locator) 69URLClassLoader class 43–44, 49, 53–54user.home system property 268user-centric access control 142user-centric authentication and authoriza-
tion 141–152
Vvalidate method 136variables, tainted 163verify method 170, 191, 223–224verifyMIC method 249
VPN (virtual private network) 5–6
WWilkes, M. V. 13wrap method 211, 248–249writeObject method 164
XX.500 directory 128X.500 distinguished names 306–307X.509
certificate type 232certificates 128, 132, 134, 136, 201, 256,
258extensions 134key format 197, 200
X500Principal class 283, 306X509Certificate class 134, 201X509CRL class 134, 201X509CRLEntry class 134X509EncodedKeySpec class 200, 224X509Extension interface 134
YYellin, F. 29Yung, M. 13
gfeIX.fm Page 356 Wednesday, April 30, 2003 4:50 PM