One of Java's most striking claims is that it provides a secure programming environment. Yet despite endless discussion, few people understand precisely what Java's claims mean and how it backs up those claims. If you're a developer, network administrator or anyone else who must understand or work with Java's security mechanisms, Java Security is the in-depth exploration you need. Java Security, 2nd Edition, focuses on the basic platform features of Java that provide security--the class loader, the bytecode verifier, and the security manager--and recent additions to Java that enhance this security model: digital signatures, security providers, and the access controller. The book covers the security model of Java 2, Version 1.3, which is significantly different from that of Java 1.1. It has extensive coverage of the two new important security APIs: JAAS (Java Authentication and Authorization Service) and JSSE (Java Secure Sockets Extension). Java Security, 2nd Edition, will give you a clear understanding of the architecture of Java's security model and how to use that model in both programming and administration. The book is intended primarily for programmers who want to write secure Java applications. However, it is also an excellent resource for system and network administrators who are interested in Java security, particularly those who are interested in assessing the risk of using Java and need to understand how the security model works in order to assess whether or not Java meets their security needs.

Amazon.com® Reader Reviews (Ranked by Helpfulness)

Average Amazon.com® Rating:  Based on 18 Ratings

Good Overview of Java Security - 2002-09-25
Reviewer Rating:
The term "security" means many different things. This book deals with the built-in security features of Java, which most programmers access through the Security Manager and Access Controller. Overall, I liked this book and found it a really good introduction to secutiry. However, for the price of this book, I expected a lot more infomation. For example, I would have liked it if the author explored the cryptographic package in depth and gave more real world examples of using ciphers and encryption. ALthough this is not technically what the book is about, most people think of cryptogrophy in terms of security.

This book needs a revision. - 2006-04-27
Reviewer Rating:
JDK 1.5 has many updates to platform security as well as APIs. I bought this book recently and it does not have updates after jdk 1.4.

Excellent JAVA book covering all security issues - 2005-08-27
Reviewer Rating:
A good introduction and explanation of the Java language security (sandbox, security manager, access controller and class loaders). The same for criptography, it is clearer than Java criptography. It includes great chapters for SSL and JAAS. God job Scott (Oaks). I really recommend this book both for introduction and guide.

Good Structure - 2004-11-26
Reviewer Rating:
One thing for sure that this book is well structured, chapters are properly segregated and closely linked to each other. It makes introduction to java security seems easy.

I used to find java security a bit complicated, got pieces of information from articles that I read, but I ended up having more questions.

Some of the APIs shown in the examples are deprecated for JDK 1.4, but you can easily replace them with the new classes.

Good on intro...needs an update to JDK 1.4 and above. - 2007-07-29
Reviewer Rating:
The content of this book is dated now and this book needs a revision. The book does not cover Java security from JDK 1.4 and above. I suggest to use Core Security Patterns by Steel, Nagappan, Lay, which covers Java and J2EE security todate.

Browse Similar Topics

Top Level Categories:
Internet/Online
Programming
Security

Sub-Categories:
Internet/Online > Java
Internet/Online > Security
Programming > Java
Security > Software Engineering