The first time you sign into developerWorks, a profile is created for you. Select information in your developerWorks profile is displayed to the public, but you may edit the information at any time. Your first name, last name (unless you choose to hide them), and display name will accompany the content that you post.

All information submitted is secure.

The first time you sign in to developerWorks, a profile is created for you, so you need to choose a display name. Your display name accompanies the content you post on developerworks.

Please choose a display name between 3-31 characters. Your display name must be unique in the developerWorks community and should not be your email address for privacy reasons.

All information submitted is secure.

My developerWorks:

My notifications:

Sign out

Select a language:

Java security: Java security, Part 1: Crypto basics

Brad Rubin (BradRubin@BradRubin.com), Principal, Brad Rubin & Associates Inc.

Brad Rubin is principal of Brad Rubin & Associates Inc., a computer-security consulting company specializing in wireless network and Java application security and education. Brad spent 14 years with IBM in Rochester, MN, working on all facets of the AS/400 hardware and software development, starting with its first release. He was a key player in IBM's move to embrace the Java platform, and was lead architect of IBM's largest Java application, a business application framework product called SanFrancisco (now part of WebSphere). He was also chief technology officer for the Data Storage Division of Imation Corp., as well as the leader of its R&D organization.

Brad has degrees in Computer and Electrical Engineering, and a Doctorate in Computer Science from the University of Wisconsin, Madison. He currently teaches the Senior Design course in Electrical and Computer Engineering at the University of Minnesota, and will develop and teach the university's Computer Security course in Fall 2002.

Summary: The Java platform, both its base language features and library extensions, provides an excellent base for writing secure applications. In this tutorial, the first of two parts on Java security, Brad Rubin guides you through the basics of cryptography and how it is implemented in the Java programming language, using plenty of code examples to illustrate the concepts.

Tag this!

Date: 19 Jul 2002
Level: Introductory
PDF: A4 and Letter (112 KB | 32 pages)Get Adobe® Reader®

Activity: 45346 views
Comments:

Wrapup

Summary

This tutorial introduced the major cryptographic building blocks that can be used to provide a vast array of application security solutions. You've become familiar with such Java security topics as:

Built-in features that facilitate secure programming (no pointers, a bytecode verifier, fine-grained control over resource access for both applets and applications, a large number of library functions for all the major cryptographic building blocks, and SSL).
Secure programming techniques (proper storage and deletion of passwords and intelligent serialization).
Features newly integrated in JDK 1.4 (JCE, JSSE, JAAS, JGSS, and CertPath API).
Enriching, third-party security offerings.

And the following concepts:

Message digests
Message authentication codes
Private key cryptography
Public key cryptography
Digital signatures
Digital certificates
Certification authorities and paths
Code signing
SSL/TLS

You should be well poised to explore Java security in more detail (see the Resources section) and to take the next tutorial, Java security, Part 2: Authentication and authorization.

Comments

Close [x]

Help: Update or add to My dW interests

What's this?

This little timesaver lets you update your My developerWorks profile with just one click! The general subject of this content (AIX and UNIX, Information Management, Lotus, Rational, Tivoli, WebSphere, Java, Linux, Open source, SOA and Web services, Web development, or XML) will be added to the interests section of your profile, if it's not there already. You only need to be logged in to My developerWorks.

And what's the point of adding your interests to your profile? That's how you find other users with the same interests as yours, and see what they're reading and contributing to the community. Your interests also help us recommend relevant developerWorks content to you.

View your My developerWorks profile

Return from help

Close [x]

Help: Remove from My dW interests

What's this?

Removing this interest does not alter your profile, but rather removes this piece of content from a list of all content for which you've indicated interest. In a future enhancement to My developerWorks, you'll be able to see a record of that content.

View your My developerWorks profile

Return from help

static.content.url=http://www.ibm.com/developerworks/js/artrating/

SITE_ID=1

Zone=Java technology

ArticleID=132295

TutorialTitle=Java security: Java security, Part 1: Crypto basics

publish-date=07192002

author1-email=BradRubin@BradRubin.com

author1-email-cc=

Local resources

Dig deeper into Java on developerWorks

Discover knowledge paths

Skill-building guides for Java, Linux, open source, cloud, business analytics, and more.

My developerWorks:

My notifications:

Select a language:

Technical topics

Evaluation software

Community

Events

Java security: Java security, Part 1: Crypto basics

What's this?

What's this?

Table of contents

Local resources

Dig deeper into Java on developerWorks

Discover knowledge paths

Share this page:

Follow developerWorks:

My developerWorks:

My notifications:

Select a language:

Technical topics

Evaluation software

Community

Events

Java security: Java security, Part 1: Crypto basics

What's this?

What's this?

Table of contents

Local resources

Tags

Dig deeper into Java on developerWorks

Discover knowledge paths

Share this page:

Follow developerWorks: