java security. overview hermetically sealed vs. networked executable content (web pages & email)...
TRANSCRIPT
![Page 1: Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & email) Java Security on the Browser Java Security in the Enterprise](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649cab5503460f9496cd0c/html5/thumbnails/1.jpg)
Java Security
![Page 2: Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & email) Java Security on the Browser Java Security in the Enterprise](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649cab5503460f9496cd0c/html5/thumbnails/2.jpg)
Overview
• Hermetically Sealed vs. Networked
• Executable Content (Web Pages & email)
• Java Security on the Browser• Java Security in the Enterprise• Java Security on the Network
![Page 3: Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & email) Java Security on the Browser Java Security in the Enterprise](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649cab5503460f9496cd0c/html5/thumbnails/3.jpg)
JVM as Gatekeeper
• Indirect Execution• Language Features (no pointers,
type-safe)• Class Loaders• Bytecode Verifiers
![Page 4: Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & email) Java Security on the Browser Java Security in the Enterprise](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649cab5503460f9496cd0c/html5/thumbnails/4.jpg)
Security Solutions
• Java Security on the Browser– Browser Security Managers– Sandbox– Digital Signatures
• Java Security in the Enterprise– Access Control– Authentication – Authorization– Confidentiality and Integrity Protection
• Java Security on the Network – Encryption
![Page 5: Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & email) Java Security on the Browser Java Security in the Enterprise](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649cab5503460f9496cd0c/html5/thumbnails/5.jpg)
Java
Application Server
Application Server
Presentation& Business Logic
Servlet/JSPEJBs, RMI Objects
JDBC
Internet
Browser
Web Server
![Page 6: Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & email) Java Security on the Browser Java Security in the Enterprise](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649cab5503460f9496cd0c/html5/thumbnails/6.jpg)
One Observation
In all likelihood, security flaws will continue to be discovered (and patched) in Java VM implementations. Despite this, Java remains perhaps the most secure platform currently available. There have been few, if any, reported instances of malicious Java code exploiting security holes "in the wild". For practical purposes, the Java platform appears to be adequately secure, especially when contrasted with some of the insecure and virus-ridden alternatives.
- David Flanagan, Java in a Nutshell
![Page 7: Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & email) Java Security on the Browser Java Security in the Enterprise](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649cab5503460f9496cd0c/html5/thumbnails/7.jpg)
Types of Attack
• System Attack• Data theft• Masquerade• Denial of Service• Annoyance
![Page 8: Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & email) Java Security on the Browser Java Security in the Enterprise](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649cab5503460f9496cd0c/html5/thumbnails/8.jpg)
Defending against Attack
Class
ComputerResources
BytecodeVerifier
ClassLoader
SecurityManager
![Page 9: Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & email) Java Security on the Browser Java Security in the Enterprise](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649cab5503460f9496cd0c/html5/thumbnails/9.jpg)
Class Loaders
• VM only loads class files that are needed for the execution of a program
• Every Java program has at least three class loaders:– Bootstrap class loader– Extension class loader– System class loader
![Page 10: Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & email) Java Security on the Browser Java Security in the Enterprise](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649cab5503460f9496cd0c/html5/thumbnails/10.jpg)
Bootstrap class loader
• Loads system classes (rt.jar)• Usually implemented in C• Integral part of the JVM• No ClassLoader object available
![Page 11: Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & email) Java Security on the Browser Java Security in the Enterprise](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649cab5503460f9496cd0c/html5/thumbnails/11.jpg)
Other class loaders
• Extension class loader– Loads standard extensions (jre/lib/ext)
• System class loader– Loads application classes from
CLASSPATH
• Both of the above are implemented in Java
• Both of the above are instances of the URLClassLoader class.
![Page 12: Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & email) Java Security on the Browser Java Security in the Enterprise](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649cab5503460f9496cd0c/html5/thumbnails/12.jpg)
Namespaces
• Beyond just the fully resolved class and package name
• A class is determined by its full name and the class loader
• Useful for loading code from multiple sources
• Two classes in the same VM may have the same class and package name
![Page 13: Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & email) Java Security on the Browser Java Security in the Enterprise](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649cab5503460f9496cd0c/html5/thumbnails/13.jpg)
Namespaces
Internet
Sun Applet Kaos Applet
Browser JVM
com.sun.Car (Sun)
com.sun.Car (Kaos)
Class loader r1
Class loader r2
www.sun.com
www.kaos.com
r1
r2r1 r2
![Page 14: Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & email) Java Security on the Browser Java Security in the Enterprise](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649cab5503460f9496cd0c/html5/thumbnails/14.jpg)
Bytecode Verification
• Inspects bytecodes from newly loaded class
• Checks instructions to make sure they are safe
• All classes except system classes are verified
![Page 15: Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & email) Java Security on the Browser Java Security in the Enterprise](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649cab5503460f9496cd0c/html5/thumbnails/15.jpg)
Verification Checks
• Variables initialized before use• Method calls match types of object
references• Rules for accessing private data and
methods upheld• Local variable accesses fall within
the runtime stack• The runtime stack does not overflow
![Page 16: Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & email) Java Security on the Browser Java Security in the Enterprise](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649cab5503460f9496cd0c/html5/thumbnails/16.jpg)
Security Manager
• Determines if a specific operation is permitted– Accessing fields of another class
using reflection– Accessing a file– Starting a print job– Accessing the AWT event queue– Exiting the virtual machine
![Page 17: Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & email) Java Security on the Browser Java Security in the Enterprise](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649cab5503460f9496cd0c/html5/thumbnails/17.jpg)
Consulting the Security Manager
public void exit(int status)
{
SecurityManager sec = System.getSecurityManager();
if( sec != null )
sec.checkExit(status);
exitInternal(status);
}
![Page 18: Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & email) Java Security on the Browser Java Security in the Enterprise](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649cab5503460f9496cd0c/html5/thumbnails/18.jpg)
Permission Sets
• A security policy maps code sources to permission sets
Code Source 1Code base (location)
certificates
Code Source 2Code base (location)
certificates
Permission Set 1permission #1apermission #1b
Permission Set 2permission #2apermission #2bpermission #2c
![Page 19: Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & email) Java Security on the Browser Java Security in the Enterprise](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649cab5503460f9496cd0c/html5/thumbnails/19.jpg)
Policy Files
• Instructions that map code sources to permissions
grant codebase “http://www.cs.weber.edu/classes”
{
permission java.io.FilePermission “/tmp/*”, “read,write”;
};
![Page 20: Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & email) Java Security on the Browser Java Security in the Enterprise](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649cab5503460f9496cd0c/html5/thumbnails/20.jpg)
Where are policy files?
• The file java.policy in the Java platform home directory
• The file .java.policy in the user home directory
![Page 21: Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & email) Java Security on the Browser Java Security in the Enterprise](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649cab5503460f9496cd0c/html5/thumbnails/21.jpg)
Specifying policy files
• Assume a customized policy file called MyApp.policy
• Inside an application main method:
System.setProperty(“java.security.policy”, “MyApp.policy”);
• On the command line:
java –Djava.security.policy=MyApp.policy MyApp
• For applets:
appletviewer -J–Djava.security.policy=MyApp.policy MyApp.html
![Page 22: Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & email) Java Security on the Browser Java Security in the Enterprise](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649cab5503460f9496cd0c/html5/thumbnails/22.jpg)
Installing a Security Manager
• Inside an application main method:
System.setSecurityManager(new SecurityManager());
• On the command line:
java –Djava.security.manager
-Djava.security.policy=MyApp.policy MyApp
![Page 23: Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & email) Java Security on the Browser Java Security in the Enterprise](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649cab5503460f9496cd0c/html5/thumbnails/23.jpg)
JAAS – Java Authentication and Authorization Service
• Authentication – ascertaining identity• Authorization – map users to permissions• Isolates Java applications from
underlying technology used to implement authentication– UNIX logins– NT logins– Kerberos authentication– Certificate-based authentication
![Page 24: Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & email) Java Security on the Browser Java Security in the Enterprise](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649cab5503460f9496cd0c/html5/thumbnails/24.jpg)
Digital Signatures
• Allows different levels of security• Has the transmitted message been
tampered with?• Message Digest (SHA1, MD5)• Public/Private Key (DSA)• Certificate Signing
![Page 25: Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & email) Java Security on the Browser Java Security in the Enterprise](https://reader035.vdocuments.us/reader035/viewer/2022062407/56649cab5503460f9496cd0c/html5/thumbnails/25.jpg)
Encryption
• Obscures transmission of plain text• Hides confidential information• Java Cryptographic Extension
(JCE)– Cipher class
• Data Encryption Standard (DES)