Download - Security Architecture of the Java platform
![Page 1: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/1.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Security architecture of the Java platform
Martin Toshev@martin_fmi
![Page 2: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/2.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Who am I
Software consultant (CoffeeCupConsulting)
BG JUG board member (http://jug.bg)
OpenJDK and Oracle RBDMS enthusiast
![Page 3: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/3.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
![Page 4: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/4.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Work in progress …
![Page 5: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/5.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Agenda
• Evolution of the Java security model
• Outside the sandbox: APIs for secure coding
• Designing and coding with security in mind
![Page 6: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/6.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
![Page 7: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/7.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• Traditionally - companies protect they assets using strict physical and network access policies
• Tools such as anti-virus software, firewalls, IPS/IDS systems facilitate this approach
![Page 8: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/8.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
•With the introduction of various technologies for loading and executing code on the client machine from the browser (such as Applets) - a new range of concerns emerge related to client security – this is when the Java security sandbox starts to evolve …
![Page 9: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/9.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• The goal of the Java security sandbox is to allow untrusted code from applets to be executed in a trusted environment such as the user's browser
![Page 10: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/10.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• JDK 1.0 (when it all started …) – the original sandbox model was introduced
Applet(untrusted)
System code(trusted)
JVM
Browser
http://voxxed.com/demoapplet
![Page 11: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/11.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• Code executed by the JVM is divided in two domains – trusted and untrusted
• Strict restriction are applied by default on the security model of applets such as denial to read/write data from disk, connect to the network and so on
![Page 12: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/12.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• JDK 1.1 (gaining trust …) – applet signing introduced
Applet(untrusted)
System code(trusted)
JVM
Browser
Signed Applet(trusted)
http://voxxed.com/demoapplet
http://voxxed.com/trustedapplet
![Page 13: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/13.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• Local code (as in JDK 1.0) and signed applet code (as of JDK 1.1) are trusted
• Unsigned remote code (as in JDK 1.0) is not trusted
![Page 14: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/14.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• Steps needed to sign and run an applet:• Compile the applet• Create a JAR file for the applet• Generate a pair of public/private keys• Sign the applet JAR with the private key• Export a certificate for the public key• Import the Certificate as a Trusted Certificate• Create the policy file• Load and run the applet
![Page 15: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/15.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• JDK 1.2 (gaining more trust …) – fine-grained access control
Applet
System code
JVM
Browser
grant codeBase http://voxxed.com/demoapplet {permission java.io.FilePermisions “C:\\Windows” “delete”
}
security.policy
SecurityManager.checkPermission(…)AccessController.checkPermission(…)
http://voxxed.com/demoapplet
![Page 16: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/16.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• The security model becomes code-centric
• Additional access control decisions are specified in a security policy
• No more notion of trusted and untrusted code
![Page 17: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/17.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model• The notion of protection domain introduced – determined by the security policy
• Two types of protection domains – system and application
![Page 18: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/18.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model• The protection domain is set during classloading and contains the code source and the list of permissions for the class
applet.getClass().getProtectionDomain();
![Page 19: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/19.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• One permission can imply another permissionjava.io.FilePermissions “C:\\Windows” “delete”impliesjava.io.FilePermissions “C:\\Windows\\system32” “delete”
![Page 20: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/20.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• One code source can imply another code sourcecodeBase http://voxxed.com/impliescodeBase http://voxxed.com/demoapplet
![Page 21: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/21.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• Since an execution thread may pass through classes loaded by different classloaders (and hence – have different protection domains) the following rule of thumb applies:
The permission set of an execution thread is considered to be the intersection of the permissions of all protection domains traversed by the execution thread
![Page 22: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/22.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• JDK 1.3, 1,4 (what about entities running the code … ?) – JAAS
Applet
System code
JVM
Browser
http://voxxed.com/demoapplet
grant principal javax.security.auth.x500.X500Principal "cn=Tom" { permission java.io.FilePermissions “C:\\Windows” “delete” }
security.policy
![Page 23: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/23.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• JAAS (Java Authentication and Authorization Service) extends the security model with role-based permissions
• The protection domain of a class now may contain not only the code source and the permissions but a list of principals
![Page 24: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/24.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• The authentication component of JAAS is independent of the security sandbox in Java and hence is typically used in more wider context (such as j2ee app servers)
• The authorization component is the one that extends the Java security policy
![Page 25: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/25.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• Core classes of JAAS:• javax.security.auth.Subject - an authenticated subject• java.security.Principal - identifying characteristic of a subject• javax.security.auth.spi.LoginModule - interface for implementors of
login (PAM) modules• javax.security.auth.login.LoginContext - creates objects used for
authentication
![Page 26: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/26.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• Up to JDK 1.4 the following is a typical flow for permission checking:
1) upon system startup a security policy is set and a security manager is installed
Policy.setPolicy(…)System.setSecurityManager(…)
![Page 27: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/27.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• Up to JDK 1.4 the following is a typical flow for permission checking:
2) during classloading (e.g. of a remote applet) bytecode verification is done and the protection domain is set for the current classloader (along with the code source, the set of permissions and the set of JAAS principals)
![Page 28: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/28.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• Up to JDK 1.4 the following is a typical flow for permission checking:
3) when system code is invoked from the remote code the SecurityManager is used to check against the intersection of protection domains based on the chain of threads and their call stacks
![Page 29: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/29.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• Up to JDK 1.4 the following is a typical flow for permission checking:
SocketPermission permission = new SocketPermission(“voxxed.com:8000-9000","connect,accept");SecurityManager sm = System.getSecurityManager();if (sm != null) sm.checkPermission(permission);
![Page 30: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/30.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• Up to JDK 1.4 the following is a typical flow for permission checking:
4) application code can also do permission checking against remote code using a SecurityManager or an AccessController
![Page 31: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/31.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• Up to JDK 1.4 the following is a typical flow for permission checking:
SocketPermission permission = new SocketPermission(“voxxed.com:8000-9000", "connect,accept");AccessController.checkPermission(permission)
![Page 32: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/32.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• Up to JDK 1.4 the following is a typical flow for permission checking:
5) application code can also do permission checking with all permissions of the calling domain or a particular JAAS subject
AccessController.doPrivileged(…)Subject.doAs(…)Subject.doAsPrivileged(…)
![Page 33: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/33.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• The security model defined by java.lang.SecurityManager is customizable
• For example: Oracle JVM uses a custom SecurityManager with additional permission classes where the code source is a database schema (containing e.g. Java stored procedures)
![Page 34: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/34.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• JDK 1.5, 1.6 (enhancing the model …) – new additions to the sandbox model (e.g. LDAP support for JAAS)
![Page 35: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/35.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• JDK 1.7, 1.8 (further enhancing the model …) – enhancements to the sandbox model (e.g. AccessController.doPrivileged() for checking against a subset of permissions)
![Page 36: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/36.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• JDK 1.9 and beyond … (applying the model to modules …)
application module
system module 1
JVM
Browser
http://voxxed.com/appmodule
security.policy
system module 2
![Page 37: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/37.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• By modules we understand modules in JDK as defined by project Jigsaw
•Modules must conform to the same security model as applets – each module is loaded by a particular classloader (bootstrap, extension or system)
![Page 38: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/38.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Evolution of the Java security model
• Modularization of the JDK system classes allows further to define fine-grained access control permissions for classes in the system domain
• This is not currently allowed due to the monolithic nature of the JDK
![Page 39: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/39.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Outside the sandbox:APIs for secure coding
![Page 40: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/40.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Outside the sandbox:APIs for secure coding
• The security sandbox defines a strict model for execution of remote code in the JVM
• The other side of the coin are the security APIs that provide utilities for implementing the different aspects of application security …
![Page 41: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/41.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Outside the sandbox:APIs for secure coding
• The additional set of APIs includes:• JCA (Java Cryptography Architecture)• PKI (Public Key Infrastructure) utilities• JSSE (Java Secure Socket Extension)• Java GSS API (Java Generic Security Services)• Java SASL API (Java Simple Authentication and Security Layer)
![Page 42: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/42.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Outside the sandbox:APIs for secure coding
• JCA provides utilities for:• creating digital signatures• creating message digests• using cryptographic ciphers (symetric/asymetric,
block/stream)• using different other types of cryptographic services and
algorithms
![Page 43: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/43.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Outside the sandbox:APIs for secure coding
• JCA has a pluggable architecture
• JCA is independent from particular cryptographic algorithms
• JCA continues to evolve (especially by providing stronger cryptographic algorithms)
![Page 44: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/44.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Outside the sandbox:APIs for secure coding
• PKI utilities provide means for working with:• certificates• certificate revocation lists (CRL) • OCSP (Online Certificate Status Protocol)• key stores and trust stores (also based on the PKCS - public-
key cryptography standards)
![Page 45: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/45.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Outside the sandbox:APIs for secure coding
• PKI certificate revocation check (revision):
• PKI utilities continue to evolve (especially in providing more support for managing certificates and keys)
certificate authorityrevocation checking
OCSP
CRLcertificate
certificate
![Page 46: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/46.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Outside the sandbox:APIs for secure coding
• JSSE provides an implementation of the TSL/SSL sockets for working with remote communication
• JSSE continues to evolve (especially in the support for additional features such as Server Name Identication)
![Page 47: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/47.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Outside the sandbox:APIs for secure coding
• Java GSS API provides an alternative of JSSE for secure communication
• Java GSS API is a framework for providing token-based security services that is independent of the underlying protocols
![Page 48: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/48.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Outside the sandbox:APIs for secure coding
• Java GSS API can be used along with JAAS for authentication purposes
• Java GSS API continues to evolve (especially in the support for Kerberos authentication)
![Page 49: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/49.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Outside the sandbox:APIs for secure coding
• Java SASL defines a protocol for exchange of authentication data
• Java SASL is a framework where external providers give concrete semantics to the authentication data being exchanged
![Page 50: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/50.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Outside the sandbox:APIs for secure coding
• Java SASL continues to evolve (especially with support for additional and enhanced properties for exchanging authentication data)
![Page 51: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/51.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Designing and coding with security in mind
![Page 52: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/52.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Designing and coding with security in mind
• First of all - follow programing guidelines and best practices - most are not bound to the Java programming language (input validation, error handling, type safety, access modifiers, resource cleanup, prepared SQL queries and whatever you can think of …)
![Page 53: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/53.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Designing and coding with security in mind
• Respect the SecurityManager - design libraries so that they work in environments with installed SecurityManager
• Example: GSON library does not respect the SecurityManager and cannot be used without additional reflective permissions in some scenarios
![Page 54: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/54.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Designing and coding with security in mind
• Grant minimal permissions to code that requires them - the principle of "least privilege"
• Copy-pasting, of course, increases the risk of security flows (if the copied code is flawed)
![Page 55: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/55.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Designing and coding with security in mind
• Sanitize exception messages from sensitive information - often this results in an unintended exposal of exploitable information
• Let alone exception stacktraces … in many cases they convey a wealth of information about the system
![Page 56: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/56.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
Thank you
![Page 57: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/57.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
References• Java Security Overview (white paper)http://www.oracle.com/technetwork/java/js-white-paper-149932.pdf
• Java SE Platform Security Architecture Spechttp://docs.oracle.com/javase/7/docs/technotes/guides/security/spec/security-spec.doc.html
• Inside Java 2 Platform Security, 2nd editionhttp://www.amazon.com/Inside-Java%C2%BF-Platform-Security-Implementation/dp/0201787911
![Page 58: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/58.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
References• Java Security, 2nd edition, Scott Oakshttp://shop.oreilly.com/product/9780596001575.do
• Securing Java, Gary McGraw, Ed Feldenhttp://www.securingjava.com
• Secure Coding Guidelines for Java SEhttp://www.oracle.com/technetwork/java/seccodeguide-139067.html#0
![Page 59: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/59.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
References• Java 2 Network Securityhttp://www.amazon.com/JAVA-Network-Security-2nd-Edition/dp/0130155926
• Java Security Documentationhttp://docs.oracle.com/javase/8/docs/technotes/guides/security/index.html
![Page 60: Security Architecture of the Java platform](https://reader034.vdocument.in/reader034/viewer/2022052705/5872a1301a28ab07208b5c21/html5/thumbnails/60.jpg)
voxxeddays.com/luxembourg/ #voxxeddaysLU
References• Core Java Security: Class Loaders, Security Managers and
Encryptionhttp://www.informit.com/articles/article.aspx?p=1187967
• Overview of Java Security Modelshttp://docs.oracle.com/cd/E12839_01/core.1111/e10043/introjps.htm#CHDCEJGH