Java Security, 2/e (Paperback)

Scott Oaks

買這商品的人也買了...

相關主題

商品描述

One of Java's most striking claims is that it provides a secure programming environment. Yet despite endless discussion, few people understand precisely what Java's claims mean and how it backs up those claims. If you're a developer, network administrator or anyone else who must understand or work with Java's security mechanisms, Java Security is the in-depth exploration you need.

Java Security, 2nd Edition, focuses on the basic platform features of Java that provide security--the class loader, the bytecode verifier, and the security manager--and recent additions to Java that enhance this security model: digital signatures, security providers, and the access controller. The book covers the security model of Java 2, Version 1.3, which is significantly different from that of Java 1.1. It has extensive coverage of the two new important security APIs: JAAS (Java Authentication and Authorization Service) and JSSE (Java Secure Sockets Extension). Java Security, 2nd Edition, will give you a clear understanding of the architecture of Java's security model and how to use that model in both programming and administration.

The book is intended primarily for programmers who want to write secure Java applications. However, it is also an excellent resource for system and network administrators who are interested in Java security, particularly those who are interested in assessing the risk of using Java and need to understand how the security model works in order to assess whether or not Java meets their security needs.

 

商品描述(中文翻譯)

Java安全性是Java最引人注目的特點之一,它提供了一個安全的編程環境。然而,儘管有無數的討論,很少有人確切理解Java的安全性特點以及它是如何支持這些特點的。如果你是一個開發人員、網絡管理員或者其他必須理解或使用Java安全機制的人,那麼《Java安全性》就是你需要的深入探索。

《Java安全性》第二版主要關注Java提供的基本平台功能,包括類加載器、字節碼驗證器和安全管理器,以及近期對Java的安全模型進行增強的功能:數字簽名、安全提供者和訪問控制器。本書涵蓋了Java 2版本1.3的安全模型,該模型與Java 1.1的安全模型有顯著不同。此外,本書還詳細介紹了兩個重要的安全API:JAAS(Java身份驗證和授權服務)和JSSE(Java安全套接字擴展)。《Java安全性》第二版將幫助你清楚理解Java安全模型的架構,以及如何在編程和管理中使用該模型。

本書主要針對希望編寫安全Java應用程序的程序員。然而,對於對Java安全性感興趣的系統和網絡管理員來說,它也是一個很好的資源,特別是那些希望評估使用Java的風險並需要了解安全模型如何工作以評估Java是否滿足其安全需求的人。