The Artima Developer Community
Under The Hood | Book List | Print | Email | First Page | Previous | Next
Sponsored Link

Java's Security Architecture
Java's Security Model and Built-In Safety Features
by Bill Venners
First Published in JavaWorld, July 1997

Page 1 of 4  >>


One of the primary reasons Java technology is a "good fit" for networks is that it has a comprehensive security model designed into its architecture. The first half of this article gives an overview of Java's security model. The second half focuses on one aspect of that security model: the safety features built into the Java virtual machine.

This month's "Under The Hood" column is the first of a four-part series about Java's security model. The four articles will focus on the security infrastructure built into the Java virtual machine (JVM) and the java.lang library. This first article gives an overview of the security model and describes the JVM's safety features.

Why security?
Java's security model is one of the language's key architectural features that makes it an appropriate technology for networked environments. Security is important because networks provide a potential avenue of attack to any computer hooked to them. This concern becomes especially strong in an environment in which software is downloaded across the network and executed locally, as is done with Java applets, for example. Because the class files for an applet are automatically downloaded when a user goes to the containing Web page in a browser, it is likely that a user will encounter applets from untrusted sources. Without any security, this would be a convenient way to spread viruses. Thus, Java's security mechanisms help make Java suitable for networks because they establish a needed trust in the safety of network-mobile code.

Java's security model is focused on protecting users from hostile programs downloaded from untrusted sources across a network. To accomplish this goal, Java provides a customizable "sandbox" in which Java programs run. A Java program must play only inside its sandbox. It can do anything within the boundaries of its sandbox, but it can't take any action outside those boundaries. The sandbox for untrusted Java applets, for example, prohibits many activities, including:

By making it impossible for downloaded code to perform certain actions, Java's security model protects the user from the threat of hostile code.

Page 1 of 4  >>

Under The Hood | Book List | Print | Email | First Page | Previous | Next

Sponsored Links

Copyright © 1996-2018 Artima, Inc. All Rights Reserved. - Privacy Policy - Terms of Use