ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzaha_5.4.0.1/securmod.htm

69 lines
6.2 KiB
HTML
Raw Normal View History

2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Java security model" />
<meta name="abstract" content="You can download Java applets from any system; thus, security mechanisms exist within the Java virtual machine to protect against malicious applets. The Java runtime system verifies the bytecodes as the Java virtual machine loads them. This ensures that they are valid bytecodes and that the code does not violate any of the restrictions that the Java virtual machine places on Java applets." />
<meta name="description" content="You can download Java applets from any system; thus, security mechanisms exist within the Java virtual machine to protect against malicious applets. The Java runtime system verifies the bytecodes as the Java virtual machine loads them. This ensures that they are valid bytecodes and that the code does not violate any of the restrictions that the Java virtual machine places on Java applets." />
<meta name="DC.Relation" scheme="URI" content="security.htm" />
<meta name="DC.Relation" scheme="URI" content="rzahajce.htm" />
<meta name="DC.Relation" scheme="URI" content="rzahajssemain.htm" />
<meta name="DC.Relation" scheme="URI" content="jaasbase.htm" />
<meta name="DC.Relation" scheme="URI" content="rzahajgssover.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="securmod" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Java security model</title>
</head>
<body id="securmod"><a name="securmod"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Java security model</h1>
<div><p>You can download Java™ applets from any system; thus, security
mechanisms exist within the Java virtual machine to protect against
malicious applets. The Java runtime system verifies the bytecodes
as the Java virtual machine loads them. This ensures that they
are valid bytecodes and that the code does not violate any of the restrictions
that the Java virtual machine places on Java applets.</p>
<p>Just as with applets, the byte code loader and verifier check that the
byte codes are valid and data types are used properly. They also check that
registers and memory are accessed correctly, and that the stack does not overflow
or underflow. These checks ensure that the Java virtual machine can safely run the
class without compromising the integrity of the system.</p>
<p>Java applets
are restricted in what operations they can perform, how they access memory,
and how they use the Java virtual machine. The restrictions are
in place to prevent a Java applet from gaining access to underlying
operating system or data on the system. This is the "sandbox" security model,
because the Java applet can only "play" in its own sandbox.</p>
<p>The "sandbox" security model is a combination of the class loader, class
file verifier, and the java.lang.SecurityManager class.</p>
<p>For more information about security, see the <a href="javaapi/guide/security/index.html" target="_blank">Security by Sun Microsystems, Inc.</a> documentation and <a href="../rzain/rzainsecapps.htm" target="_blank">Secure applications
with SSL</a>.</p>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="security.htm" title="This topic provides details on adopted authority and explains how you can use SSL to make socket streams secure in your Java application.">Java security</a></div>
</div>
<div class="relconcepts"><strong>Related concepts</strong><br />
<div><a href="rzahajce.htm" title="The Java Cryptography Extension (JCE) 1.2 is a standard extension to the Java 2 Software Development Kit (J2SDK), Standard Edition. The JCE implementation on an iSeries server is compatible with the implementation of Sun Microsystems, Inc. This documentation covers the unique aspects of the iSeries implementation.">Java Cryptography Extension</a></div>
<div><a href="rzahajssemain.htm" title="The Java Secure Socket Extension (JSSE) is the Java implementation of the Secure Sockets Layer (SSL) protocol. JSSE uses SSL and the Transport Layer Security (TLS) protocol to enable clients and servers to conduct secure communications over TCP/IP.">Java Secure Socket Extension</a></div>
<div><a href="jaasbase.htm" title="The Java Authentication and Authorization Service (JAAS) is a standard extension to the Java 2 Software Development Kit (J2SDK), Standard Edition. J2SDK provides access controls that are based on where the code originated and who signed the code (code source-based access controls). It lacks, however, the ability to enforce additional access controls based on who runs the code. JAAS provides a framework that adds this support to the Java 2 security model.">Java Authentication and Authorization Service</a></div>
<div><a href="rzahajgssover.htm" title="The Java Generic Security Service (JGSS) provides a generic interface for authentication and secure messaging. Under this interface you can plug a variety of security mechanisms based on secret-key, public-key, or other security technologies.">IBM Java Generic Security Service (JGSS)</a></div>
</div>
</div>
</body>
</html>